Author Topic: Unbound - DNS via TLS?  (Read 10338 times)

chemlud

Unbound - DNS via TLS?
« on: July 21, 2017, 11:35:26 am »
Hi everybody!

Recently I read something about Unbound starting to support DNS via TLS, to stop providers and everyone else on the net from knowing which pages are used by whom on the internet.

Are there any plans to make this feature available in the near future in the OPNsense GUI? Is this even possible any time soon?

Would like to know about that crucial privacy feature!

Many thanks in advance

kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

franco

Re: Unbound - DNS via TLS?
« Reply #1 on: July 24, 2017, 07:40:50 pm »
Hi chemlud,

Couldn't find any substantial description of how to use it. Do you have a fitting link?


Thanks,
Franco

fabian

Re: Unbound - DNS via TLS?
« Reply #2 on: July 24, 2017, 09:21:19 pm »
The thing I can find is ssl-service-key on https://www.unbound.net/documentation/unbound.conf.html

tillsense

Re: Unbound - DNS via TLS?
« Reply #3 on: July 25, 2017, 07:11:32 am »
Hi all,

Here is a quick tut: https://calomel.org/unbound_dns.html
See section: DNS Over TLS, simple recursive caching DNS, TCP port 853 ENCRYPTED

cheers till

chemlud

Re: Unbound - DNS via TLS?
« Reply #4 on: October 26, 2017, 11:53:39 am »
...any news/plans on that?

https://www.golem.de/news/dns-ueber-tls-google-bringt-sichere-dns-abfragen-in-developer-android-1710-130827.html

:-)

Nnyan

Re: Unbound - DNS via TLS?
« Reply #5 on: November 15, 2017, 08:59:19 pm »
This would be really nice to have.

chemlud

Re: Unbound - DNS via TLS?
« Reply #6 on: November 16, 2017, 02:30:37 pm »
...starting to get interesting?

https://www.heise.de/newsticker/meldung/Quad9-Datenschutzfreundliche-Alternative-zum-Google-DNS-3890741.html

"Quad9 is the first large resolver network of all to allow users to encrypt their DNS queries via TLS."

franco

Re: Unbound - DNS via TLS?
« Reply #7 on: November 16, 2017, 03:01:48 pm »
We can try a patch next week, yet I am fairly certain this will be one hell of a support nightmare if we switch system DNS servers to only work with TLS as it requires the two DNS checkboxes to be set like this: do not override DNS servers, use resolver / forwarder for this firewall.

And better yet, not using these exact values will cause DNS leaks, which is a weird point as we are trading security for privacy or vice versa. It’s a strange world we live in. ;)


Cheers,
Franco

xayide

Re: Unbound - DNS via TLS?
« Reply #8 on: January 04, 2018, 05:26:18 pm »
What happened to this, does it work yet?

loredo

Re: Unbound - DNS via TLS?
« Reply #9 on: April 02, 2018, 01:07:18 am »
https://1.1.1.1

franco

Re: Unbound - DNS via TLS?
« Reply #10 on: April 04, 2018, 07:59:33 am »
Works, but not integrated into the GUI yet. Need to use advanced settings:

https://forum.opnsense.org/index.php?topic=7811.0


Cheers,
Franco
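
Added example, not from any poster in this thread and not OPNsense code: a small check that an Unbound configuration of the kind discussed above forwards only over TLS on port 853, which is the DNS leak concern raised in reply #7. It assumes the `ssl-upstream` option (or its `tls-upstream` alias) in the `server:` clause and `forward-addr` entries with `@port`; the sample config and the function names are constructed for illustration.

```python
import re

# Constructed sample config. Quad9 (9.9.9.9) and 1.1.1.1 are the resolvers
# named in the thread; 192.0.2.53 is a made-up plaintext forwarder.
SAMPLE_CONF = """\
server:
    ssl-upstream: yes
forward-zone:
    name: "."
    forward-addr: 9.9.9.9@853
    forward-addr: 1.1.1.1@853
    forward-addr: 192.0.2.53      # no port given, so port 53
"""

def parse_unbound(text):
    """Yield (clause, key, value); assumes one 'key: value' item per line."""
    clause = None
    for raw in text.splitlines():
        # A '#' starts a comment only at line start or after whitespace.
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip().strip('"')
        if value:
            yield clause, key, value
        else:
            clause = key  # 'server:' or 'forward-zone:' opens a clause

def plaintext_forwarders(text):
    """Return findings for forwarders that would not be reached over TLS on 853."""
    tls_on, forwards, findings = False, [], []
    for clause, key, value in parse_unbound(text):
        if clause == "server" and key in ("ssl-upstream", "tls-upstream"):
            tls_on = value == "yes"
        elif clause == "forward-zone" and key == "forward-addr":
            forwards.append(value)
    if forwards and not tls_on:
        findings.append("ssl-upstream is not enabled: forwarders are queried in plaintext")
    for addr in forwards:
        host, _, port = addr.split("#", 1)[0].partition("@")
        if (port or "53") != "853":
            findings.append(f"{host} forwards on port {port or '53'}, not 853")
    return findings

if __name__ == "__main__":
    for finding in plaintext_forwarders(SAMPLE_CONF):
        print("LEAK RISK:", finding)
```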