Is OpenDNS with UDP Port 53 safe enough?

Started by guest24551, July 03, 2020, 11:21:08 AM

I am using Unbound to resolve my requests via 853 and that's working with 9.9.9.9, 1.1.1.1 and some others.
I googled around and found out that OpenDNS doesn't support DNS over TLS. Now is there a way to make it somehow safer?
Should I port forward 53 from src: opnsense using port 53 to 853?
What would you recommend in terms of DNS security?

I tried adding rules like in this pfsense guide for DoT. https://medium.com/@davetempleton/setting-up-dns-over-tls-on-pfsense-bd96912c2416

But unfortunately it only killed all client-side DNS requests, even after disabling the rules.


Edit: Turned out that, while I played around with the configs, Unbound wasn't correctly using TLS. Had an error with DNSKEYS caused by DNSSEC and dnscrypt ...

Always check your logs'n'ports!

tcpdump -v -i <waninterface> udp port 53
tcpdump -v -i <waninterface> tcp port 853
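
Added example, not part of the original post: a small shell filter that tallies the packets from such a capture by port, so plaintext DNS on 53 leaving the WAN stands out next to DoT on 853. It assumes the capture is taken with tcpdump's `-n` flag (numeric ports); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `tcpdump -n` text output. 192.0.2.10 stands in for the
# firewall's WAN address; 203.0.113.5 is a documentation address.
sample_capture() {
cat <<'EOF'
12:00:01.000001 IP 192.0.2.10.40001 > 9.9.9.9.853: Flags [S], seq 1, win 65535, length 0
12:00:01.020000 IP 9.9.9.9.853 > 192.0.2.10.40001: Flags [S.], seq 2, ack 2, win 65535, length 0
12:00:02.000001 IP 192.0.2.10.51234 > 208.67.222.222.53: 4660+ A? example.com. (29)
12:00:02.030000 IP 208.67.222.222.53 > 192.0.2.10.51234: 4660 1/0/0 A 203.0.113.5 (45)
EOF
}

# Read tcpdump text on stdin and count packets whose source or destination
# port is 53 (plaintext DNS) or 853 (DNS over TLS). Handles both the one-line
# format and the indented address line that -v prints.
summarize_dns_ports() {
  awk '
    {
      for (i = 2; i < NF; i++) {
        if ($i != ">") continue
        src = $(i - 1); dst = $(i + 1)
        sub(/:$/, "", dst)               # destination ends with a colon
        ns = split(src, s, /\./); nd = split(dst, d, /\./)
        sp = s[ns]; dp = d[nd]           # port is the last dotted field
        if (sp == "53" || dp == "53") plain++
        else if (sp == "853" || dp == "853") dot++
        break
      }
    }
    END { printf "plain53=%d dot853=%d\n", plain, dot }
  '
}

# Succeeds only when no port-53 traffic was seen in the capture.
dot_only() {
  summary=$(summarize_dns_ports)
  echo "$summary"
  case "$summary" in
    "plain53=0 "*) return 0 ;;
    *) return 1 ;;
  esac
}

# Live use (assumed invocation):
#   tcpdump -n -c 200 -i <waninterface> 'port 53 or port 853' | dot_only
sample_capture | summarize_dns_ports
```
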