Help with getting Unbound to use DoH (DNS over HTTPS)

Ronald Nutter ron.nutter at networkref.com
Mon Feb 22 18:51:14 UTC 2021


Henrik:

Thanks for your response.
My question is will the steps I outline work in getting this running?
I have looked for the steps to do this on Unbounds FAQ and other areas and
havent found anything.

Ron

On Mon, Feb 22, 2021 at 12:42 PM Hendrik Meyburgh <hendrikdm at gmail.com>
wrote:

> Hi.
>
> Try adding the --with-ssl compile option. You can then run unbound with -d
> and -v
> for debug information during startup and will give you more info why it is
> not
> working.
>
>
> On Mon, Feb 22, 2021 at 10:36:22AM -0600, Ronald Nutter via Unbound-users
> wrote:
> > I have been using Unbound with DoT but would like to see about moving
> over
> > to HTTPS.  Have been looking for how to do this but what I have found so
> > far doesnt give me the information I am looking for.  I have some
> > experience with Linux but am no where near being a programmer.
> >
> > Here is what I have found so far -
> >
> > # Since I installed using apt, figure that I should uninstall it first
> >
> > sudo apt remove unbound
> >
> >
> > # Download/compile unbound to use DoH
> > wget http://www.nlnetlabs.nl/downloads/unbound/unbound-1.13.1.tar.gz
> > tar -zxvf unbound-1.13.1.tar.gz (missing step?)
> > ./configure --with-libnghttp2
> > make
> > make install
> >
> > #configuring unbound to use DoH
> > server:
> > interface: 127.0.0.1 at 443
> > tls-service-key "key.pem"
> > tls-service-pem: "cert.pem"
> >
> > # Adapted from TLS/DoT instructions, so not sure about this
> > forward-zone:
> >     name: "."
> >     forward-tls-upstream: yes
> >     # Cloudflare DNS
> >     forward-addr: 2606:4700:4700::1111 at 443#cloudflare-dns.com
> >     forward-addr: 1.1.1.1 at 443#cloudflare-dns.com
> >     forward-addr: 2606:4700:4700::1001 at 443#cloudflare-dns.com
> >     forward-addr: 1.0.0.1 at 443#cloudflare-dns.com
> >
> > Is this correct ?
> > Would appreciate any pointers in helping get this to work
> >
> > Thanks,
> > Ron
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20210222/2b5a1eef/attachment-0001.htm>


More information about the Unbound-users mailing list