OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • 20.1 Legacy Series »
  • Unbound Plus Plugin and DoT hostname validation?
« previous next »
  • Print
Pages: [1]

Author Topic: Unbound Plus Plugin and DoT hostname validation?  (Read 397 times)

opnfwb

  • Full Member
  • ***
  • Posts: 111
  • Karma: 18
    • View Profile
Unbound Plus Plugin and DoT hostname validation?
« on: May 08, 2020, 06:11:18 am »
I had a question for @mimugmail or anyone else that may know how the Unbound Plus plugin is doing hostname validation for DoT implementations?

Currently, I'm using regular Unbound with the following entries in the Advanced section:
Code: [Select]
# TLS Config
tls-cert-bundle: "/etc/ssl/cert.pem"
# Forwarding Config
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 1.1.1.1@853#1dot1dot1dot1.cloudflare-dns.com
forward-addr: 1.0.0.1@853#1dot1dot1dot1.cloudflare-dns.com

I would like to convert to using Unbound Plus plugin and input my DoT servers there. However, it does not appear to use the hostname for validation? Only the IP and Port?
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 5071
  • Karma: 350
    • View Profile
Re: Unbound Plus Plugin and DoT hostname validation?
« Reply #1 on: May 08, 2020, 09:53:32 am »
Yes, it's in the making, needs some time
Logged
IRC: mimugmail
Twitter: mimu_muc
WWW: www.routerperformance.net

opnfwb

  • Full Member
  • ***
  • Posts: 111
  • Karma: 18
    • View Profile
Re: Unbound Plus Plugin and DoT hostname validation?
« Reply #2 on: May 08, 2020, 03:54:59 pm »
Thanks for the reply. If it is helpful, I am happy to test future versions. I have a few OPNsense VMs in a lab that I can demo stuff on before I push it to production.
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • 20.1 Legacy Series »
  • Unbound Plus Plugin and DoT hostname validation?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.17 | SMF © 2019, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2