DNS over TLS - Tutorial?

Started by opnsenseuser, January 28, 2019, 09:51:17 AM

January 28, 2019, 09:51:17 AM Last Edit: January 28, 2019, 10:37:39 AM by opnsenseuser
Is there any working tutorial for Unbound?
Do I need to explicitly block port 53?
Do I need a NAT rule?
How can I test if this is 100% working?

I found several tutorials. What is actually the best working solution?

Thx
regards
rené

P.S. Sorry, wrong forum. Should be in tutorials! :-)
Supermicro A2SDi-4C-HLN4F
Team Rebellion Member (sidebar / themes: tukan, cicada & vicuna)

This is the newest tutorial I found:

https://stafwag.github.io/blog/blog/2018/12/09/configure-dns-tls-on-opnsense/

Is this configuration 100% safe?

regards
rené

Quote from: opnsenseuser on January 28, 2019, 10:50:46 AM
This is the newest tutorial I found:

https://stafwag.github.io/blog/blog/2018/12/09/configure-dns-tls-on-opnsense/

Is this configuration 100% safe?

regards
rené

This tutorial works for me, but how do I prevent traffic over port 53?

If there is any traffic on port 53, one of your clients is not using your OPNsense DNS:
tcpdump -i wan_interface udp port 53

Check for working DNS over TLS
tcpdump -i vr1 tcp port 853

I think it works! :-)

@fabian would be great if you could move this to tutorials! regards rené

I'm not sure if it works, because in my case:

tcpdump -i vr1 tcp port 853
(BIOCSETIF failed: Device not configured)
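
Added example, not code from any poster in this thread: the port 53 / port 853 tcpdump check suggested above, turned into a pass/fail summary of `tcpdump -nn` text output. It goes slightly beyond the thread by counting TCP as well as UDP port 53 and by handling IPv6 lines; the function names, the sample lines and the `WAN_IF` variable are assumptions, and the interface name has to be one that exists on your own firewall.

```shell
#!/bin/sh
# Added example: count plaintext DNS (53) vs DNS over TLS (853) packets
# in `tcpdump -nn` text output read from stdin.
count_dns_ports() {
    awk '
        # Port is the last dot-separated part of "addr.port" (IPv4 and IPv6).
        function port(ep,   n, parts) {
            sub(/:$/, "", ep)
            n = split(ep, parts, ".")
            return parts[n]
        }
        $2 == "IP" || $2 == "IP6" {
            s = port($3); d = port($5)
            if (s == "53" || d == "53") plain++
            else if (s == "853" || d == "853") dot++
        }
        END { printf "plain=%d dot=%d\n", plain, dot }
    '
}

# Exit 0 only if DoT packets were seen and no plaintext DNS was.
dot_verdict() {
    counts=$(count_dns_ports)
    case "$counts" in
        "plain=0 dot=0") echo "$counts: no DNS traffic captured"; return 2 ;;
        "plain=0 "*)     echo "$counts: only DNS over TLS seen"; return 0 ;;
        *)               echo "$counts: plaintext DNS seen"; return 1 ;;
    esac
}

# Constructed sample capture (documentation addresses, not real traffic).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 203.0.113.10.51234 > 198.51.100.53.853: Flags [P.], seq 1:120, ack 1, win 513, length 119
12:00:01.020002 IP 198.51.100.53.853 > 203.0.113.10.51234: Flags [P.], seq 1:230, ack 120, win 501, length 229
12:00:02.000003 IP 203.0.113.10.40000 > 198.51.100.7.53: 4660+ A? example.com. (29)
12:00:03.000004 IP 203.0.113.10.44321 > 198.51.100.80.443: Flags [S], seq 1, win 65535, length 0
EOF
}

sample_capture | dot_verdict || true

# Live use on the firewall (WAN_IF is a placeholder for your WAN interface):
#   tcpdump -nn -c 200 -i "$WAN_IF" 'port 53 or port 853' | dot_verdict
```

A result of `plain=0` on the WAN side only shows that the firewall itself is not sending plaintext DNS upstream during the capture window; run the capture while clients are actively resolving names.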