[solved] unbound connection to quad9 TLS

Started by xternal`, August 27, 2025, 02:43:51 AM

August 27, 2025, 02:43:51 AM Last Edit: August 29, 2025, 09:38:19 AM by xternal`
Hi all,
I am getting a very strange problem which just started this morning. I can't see anything in the logs which would indicate what is causing it either.
When using the Quad9 TLS servers in Unbound (9.9.9.9), DNS resolution fails. If I use Cloudflare or Google TLS, it works perfectly.
I can use dig +tls @9.9.9.9 to resolve names manually, so the connection to 9.9.9.9 doesn't seem to be the problem, and I can't see anything in the Unbound logs indicating an error.

Is anyone else having a problem? Could it be a certificate error or something on the OPNsense box?

I assume you have added 9.9.9.9 (and their second IP 149.112.112.112?) to 'DNS over TLS'?

To check the TLS connection and see if there is an issue, in the OPNsense console, run:

openssl s_client -connect 9.9.9.9:853 | more
On a test VM where I do use 9.9.9.9/149.112.112.112, I don't see any issues. But then I don't use it for hours every day.
Deciso DEC740
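
The TLS check suggested in the reply above, made non-interactive so it reports the certificate verification result directly (an added example, not part of the original posts). The function names `dot_verify_status` and `check_dot` are hypothetical, and the sample output is constructed rather than captured from a real server.

```sh
#!/bin/sh
# Summarise an `openssl s_client` handshake against a DNS-over-TLS upstream.

# Read s_client output on stdin and print one of:
#   OK                      chain and hostname verified (return code 0)
#   FAIL <code> <reason>    handshake completed but verification failed
#   NOHANDSHAKE             no verification line at all (refused, blocked, timed out)
dot_verify_status() {
    awk '
        /Verify return code:/ {
            sub(/^.*Verify return code: */, "")   # leaves e.g. "10 (certificate has expired)"
            code = $1 + 0                          # force a numeric comparison later
            sub(/^[0-9]+ */, "")
            gsub(/[()]/, "")
            reason = $0
            found = 1                              # TLS 1.3 repeats the line; last one wins
        }
        END {
            if (!found)         print "NOHANDSHAKE"
            else if (code == 0) print "OK"
            else                print "FAIL " code " " reason
        }'
}

# Handshake with one upstream. $1 = resolver IP, $2 = hostname the certificate
# must match (the name your "DNS over TLS" entry verifies against).
# stdin is closed so s_client exits after the handshake instead of waiting.
# Example call (hostname is an assumption, not from the thread):
#   check_dot 9.9.9.9 dns.quad9.net
check_dot() {
    openssl s_client -connect "$1:853" -servername "$2" \
        -verify_hostname "$2" </dev/null 2>/dev/null | dot_verify_status
}

# Constructed sample: tail of s_client output for an expired certificate.
SAMPLE_EXPIRED='    Protocol  : TLSv1.3
    Verify return code: 10 (certificate has expired)'

printf '%s\n' "$SAMPLE_EXPIRED" | dot_verify_status
```

A `FAIL` result points at the certificate or the local trust store, while `NOHANDSHAKE` points at reachability of port 853.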

Thanks, it was configured correctly and just stopped working. I just re-enabled those servers to test again and it is working again. Maybe it was something to do with the CDN or something. Thanks though!