Cloudflare DNS over TLS with Unbound

Started by csmall, April 04, 2018, 04:02:59 AM

Looking at this article https://www.netgate.com/blog/dns-over-tls-with-pfsense.html?utm_campaign=DNSoverTLS&utm_content=69532200&utm_medium=social&utm_source=twitter

I enabled Unbound and added the custom settings from this article to enable DNS over TLS on 1.1.1.1 and 1.0.0.1.

It seemed to work fine for a short period of time and then I started getting these errors and the Unbound service stops running.

unbound: [58716:1] notice: ssl handshake failed 1.1.1.1 port 853

unbound: [58716:1] error: ssl handshake failed crypto error:140020B5:SSL routines:CONNECT_CW_CLNT_HELLO:no ciphers available

Is anyone using Cloudflare DNS over TLS successfully?

Cloudflare is having issues presently with TLS. I'm using Quad9 DNS TLS and it's been working.

https://community.cloudflare.com/t/1-1-1-1-was-working-but-not-anymore/15136

Had the same issue. I used the following parameters in the custom options field and then it worked.

server:
forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: 1.1.1.1@853
    forward-addr: 1.0.0.1@853
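
An added example, not part of the thread or of the Netgate article: a small Python check over custom options like the ones posted above. It reports forwarders that do not name port 853 or that lack the #auth-name suffix, which unbound.conf uses to check the server certificate name in Unbound versions that support it. The function names and the extra 9.9.9.9 line are constructed for illustration.

```python
# Constructed input: the custom options posted above plus one hypothetical
# forwarder line without a port, to show what the check reports.
SAMPLE = """\
server:
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853
forward-addr: 9.9.9.9
"""

def parse_forward_zones(text):
    """One dict per forward-zone clause. Assumes one option per line, no trailing comments."""
    zones, zone = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")  # first colon only, so IPv6 values survive
        key, value = key.strip(), value.strip().strip('"')
        if not value:  # clause header such as "server:" or "forward-zone:"
            zone = {"name": None, "tls": False, "addrs": []} if key == "forward-zone" else None
            zones += [zone] if zone else []
        elif zone is not None and key == "name":
            zone["name"] = value
        elif zone is not None and key in ("forward-ssl-upstream", "forward-tls-upstream"):
            zone["tls"] = value == "yes"
        elif zone is not None and key == "forward-addr":
            zone["addrs"].append(value)
    return zones

def audit(text):
    """Return (subject, issue) pairs for forwarders that may not use authenticated TLS."""
    findings = []
    for z in parse_forward_zones(text):
        if not z["tls"]:
            findings.append((z["name"], "TLS upstream not enabled for this zone"))
        for addr in z["addrs"]:
            host, _, auth = addr.partition("#")  # text after '#' is the auth name
            ip, _, port = host.partition("@")    # text after '@' is the port
            if port != "853":
                findings.append((ip, "port 853 not specified"))
            if not auth:
                findings.append((ip, "no #auth-name, certificate name not checked"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```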