DNS TLS with Multi WAN

[N0_Klu3]

Hey guys,

I am looking to set different DNS TLS names for each gateway.
How can I add DNS-over-TLS "dns.nextdns.io" to each gateway?

So WAN1 45.90.28.124 and 123.dns.nextdns.io
and WAN2 45.90.30.43 and 567.dns.nextdns.io

In pfSense under System -> General Setup
I added 2x DNS like the above as it has a TLS Hostname option and then a select which gateway option and jobs a goodun.

If I look at the router setup guide for NextDNS it says:
Unbound
Use the following in unbound.conf:

Code: [Select]

forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 45.90.28.0#xx.dns1.nextdns.io
So I can add this for each dns, but how do I add it in unbound on a per Gateway option?

Or if I set each DNS server in General on OPNsense and chose the gateway there.
Under unbound can I just add:

Code: [Select]

server:
  tls-cert-bundle: /etc/ssl/cert.pem
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 45.90.28.0#123.dns1.nextdns.io
  forward-addr: 45.90.30.0#567.dns2.nextdns.io
Would that config work for each separate gateway?