unbound dot: move things around

2025-02-16 21:40:45 +01:00 · 2019-08-17 00:26:36 +03:00 · 2019-08-17 00:26:36 +03:00 · 39493f3bf9
commit 39493f3bf9
parent b3a7266eb5
1 changed files with 37 additions and 25 deletions
--- a/etc/unbound/unbound.conf.d/dns-over-tls.conf
+++ b/etc/unbound/unbound.conf.d/dns-over-tls.conf
@ -12,38 +12,50 @@ server:
 forward-zone:
    name: "."
    forward-tls-upstream: yes
-    #
-    ### DNS-over-TLS on port 443, no filtering
+
+    ## DNS-over-TLS on port 443, no non-malicious filtering
+
    # https://appliedprivacy.net/services/dns/
    forward-addr: 37.252.185.232@443#dot1.appliedprivacy.net
-    ## https://dnswarden.com/
+
+    # https://dnswarden.com/
    forward-addr: 2a01:4f8:1c1c:5e77::1@443#uncensored-dot.dnswarden.com
    forward-addr: 2a01:4f8:1c1c:75b4::1@443#uncensored-dot.dnswarden.com
    forward-addr: 116.203.35.255@443#uncensored-dot.dnswarden.com
    forward-addr: 116.203.70.156@443#uncensored-dot.dnswarden.com
-    ##
-    ## Quad9 - warning: uncommenting others simultaneously will break
-    ## malicious domain blocking.
-    #forward-addr: 2620:fe::fe@853#dns.quad9.net
-    #forward-addr: 9.9.9.9@853#dns.quad9.net
-    #forward-addr: 2620:fe::9@853#dns.quad9.net
-    #forward-addr: 149.112.112.112@853#dns.quad9.net
-    ## censurfridns.dk (Copenhagen?)
-    #forward-addr: 2001:67c:28a4::@853#anycast.censurfridns.dk
-    #forward-addr: 91.239.100.100@853#anycast.censurfridns.dk
-    ## DNS.WATCH (German) - PROBLEM: NO DOT AS OF 2019-07-22 but in hope
-    ## they will have it I am leaving these here.
+
+    ## DNS-over-TLS on port 853
+
+    # Quad9 - warning: uncommenting others simultaneously will break
+    # malicious domain blocking.
+    forward-addr: 2620:fe::fe@853#dns.quad9.net
+    forward-addr: 9.9.9.9@853#dns.quad9.net
+    forward-addr: 2620:fe::9@853#dns.quad9.net
+    forward-addr: 149.112.112.112@853#dns.quad9.net
+
+    # censurfridns.dk (Copenhagen?)
+    forward-addr: 2001:67c:28a4::@853#anycast.censurfridns.dk
+    forward-addr: 91.239.100.100@853#anycast.censurfridns.dk
+
+    # Cloudflare DNS - didn't exist in 2015 for forwards.conf
+    # warning: for-profit business (and too big in my opinion)
+    forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
+    forward-addr: 1.1.1.1@853#cloudflare-dns.com
+    forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
+    forward-addr: 1.0.0.1@853#cloudflare-dns.com
+
+    # AdBlocking DNS
+
+    # AdGuard DNS - warning: for-profit business which task is to lie (to
+    # block ads)
+    #forward-addr: 176.103.130.130@853#dns.adguard.com
+    #forward-addr: 176.103.130.131@853#dns.adguard.com
+
+    ## Hopefully in the future
+
+    # DNS.WATCH (German) - PROBLEM: NO DOT AS OF 2019-07-22 but in hope
+    # they will have it I am leaving these here.
    #forward-addr: 2001:1608:10:25::1c04:b12f@853#resolver1.dns.watch
    #forward-addr: 2001:1608:10:25::9249:d69b@853#resolver2.dns.watch
    #forward-addr: 84.200.69.80@853#resolver1.dns.watch
    #forward-addr: 84.200.70.40@853#resolver2.dns.watch
-    ## Cloudflare DNS - didn't exist in 2015 for forwards.conf
-    ## warning: for-profit business (and too big in my opinion)
-    #forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
-    #forward-addr: 1.1.1.1@853#cloudflare-dns.com
-    #forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
-    #forward-addr: 1.0.0.1@853#cloudflare-dns.com
-    ## AdGuard DNS - warning: for-profit business which task is to lie (to
-    ## block ads)
-    #forward-addr: 176.103.130.130@853#dns.adguard.com
-    #forward-addr: 176.103.130.131@853#dns.adguard.com