Help with getting Unbound to use DoH (DNS over HTTPS)
Ronald Nutter
ron.nutter at networkref.com
Mon Feb 22 16:36:22 UTC 2021
I have been using Unbound with DoT but would like to see about moving over
to HTTPS. Have been looking for how to do this but what I have found so
far doesnt give me the information I am looking for. I have some
experience with Linux but am no where near being a programmer.
Here is what I have found so far -
# Since I installed using apt, figure that I should uninstall it first
sudo apt remove unbound
# Download/compile unbound to use DoH
wget http://www.nlnetlabs.nl/downloads/unbound/unbound-1.13.1.tar.gz
tar -zxvf unbound-1.13.1.tar.gz (missing step?)
./configure --with-libnghttp2
make
make install
#configuring unbound to use DoH
server:
interface: 127.0.0.1 at 443
tls-service-key "key.pem"
tls-service-pem: "cert.pem"
# Adapted from TLS/DoT instructions, so not sure about this
forward-zone:
name: "."
forward-tls-upstream: yes
# Cloudflare DNS
forward-addr: 2606:4700:4700::1111 at 443#cloudflare-dns.com
forward-addr: 1.1.1.1 at 443#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001 at 443#cloudflare-dns.com
forward-addr: 1.0.0.1 at 443#cloudflare-dns.com
Is this correct ?
Would appreciate any pointers in helping get this to work
Thanks,
Ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20210222/4ed81e89/attachment.htm>
More information about the Unbound-users
mailing list