Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
DNS redirect best practice
« previous
next »
Print
Pages: [
1
]
Author
Topic: DNS redirect best practice (Read 445 times)
shayg
Newbie
Posts: 1
Karma: 0
DNS redirect best practice
«
on:
May 19, 2024, 03:19:04 pm »
I have Opnsense and AdGuard Home (AGH) set up as a plugin on the same machine. Currently, I'm redirecting DNS queries from Opnsense Unbound to AGH over TLS. However, this setup doesn't provide full query transparency from the device to the query.
I'm considering some alternatives:
1. Forwarding the query without TLS.
2. Setting up AGH as the main DNS server and Unbound as a downstream server.
3. Leave it as is
Which setup is more correct or idiomatic in terms of capabilities and network architecture?
Logged
9axqe
Full Member
Posts: 201
Karma: 4
Re: DNS redirect best practice
«
Reply #1 on:
May 20, 2024, 05:48:37 pm »
Why do you need unbound? You could just use AGH and simplify a lot...
The only reason I see to use unbound is for upstream DNS, unbound is able to do recursive DNS, while AGH is not and must use an (encrypted) upstream DNS provider such as Quad9, Mullvad, nextDNS, etc.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
DNS redirect best practice