Confirming DNS over TLS on Unbound 1.6.0
jabley at hopcount.ca
Sun Mar 17 17:46:16 UTC 2019
On 17 Mar 2019, at 18:42, A. Schulze via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
> Am 17.03.19 um 01:10 schrieb rollingonchrome via Unbound-users:
>> I am new to Unbound and am using version 1.6.0 on a Raspberry Pi.
> 1.6.0 is > two years old. sure you can't use newer stuff?
>> I want to confirm that DNS over TLS to upstream servers is set up correctly.
> if you like to get your configuration reviewed, why do you post you /logs/ !?
Another way of looking at this is that it might indeed be helpful for unbound to log something to confirm how forwarded queries are being encrypted (or not) if unbound is configured to forward queries.
If I was processing logs and intended for my forwarded DNS traffic to be encrypted, I'd certainly appreciate a log message triggering an alert if some configuration got changed incorrectly and forwarded queries were suddenly happening in the clear.
More information about the Unbound-users