mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-12-23 11:12:48 +01:00
systemd-resolved, unbound: only ECS IPv6
This commit is contained in:
parent
6cae19ba4f
commit
85c7fedcb2
@ -3,17 +3,17 @@
|
|||||||
# encryption, but host a Quad9 node and giving these addresses instead.
|
# encryption, but host a Quad9 node and giving these addresses instead.
|
||||||
[Resolve]
|
[Resolve]
|
||||||
# Secure
|
# Secure
|
||||||
DNS=2620:fe::9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 9.9.9.9#dns.quad9.net
|
#DNS=2620:fe::9#dns.quad9.net 2620:fe::fe#dns.quad9.net [2620:fe::9]:8853#dns.quad9.net [2620:fe::fe]:8853#dns.quad9.net
|
||||||
DNS=[2620:fe::9]:8853#dns.quad9.net 149.112.112.112:8853#dns.quad9.net [2620:fe::fe]:8853#dns.quad9.net 9.9.9.9:8853#dns.quad9.net
|
DNS=149.112.112.112#dns.quad9.net 9.9.9.9#dns.quad9.net 149.112.112.112:8853#dns.quad9.net 9.9.9.9:8853#dns.quad9.net
|
||||||
# No Threat Blocking
|
# No Threat Blocking
|
||||||
#DNS=2620:fe::10#dns10.quad9.net 149.112.112.10#dns10.quad9.net 2620:fe::fe:10#dns10.quad9.net 9.9.9.10#dns10.quad9.net
|
#DNS=2620:fe::10#dns10.quad9.net 2620:fe::fe:10#dns10.quad9.net [2620:fe::10]:8853#dns10.quad9.net [2620:fe::fe:10]:8853#dns10.quad9.net
|
||||||
#DNS=[2620:fe::10]:8853#dns10.quad9.net 149.112.112.10:8853#dns10.quad9.net [2620:fe::fe:10]:8853#dns10.quad9.net 9.9.9.10:8853#dns10.quad9.net
|
#DNS=149.112.112.10#dns10.quad9.net 9.9.9.10#dns10.quad9.net 149.112.112.10:8853#dns10.quad9.net 9.9.9.10:8853#dns10.quad9.net
|
||||||
# Secure + ECS
|
# Secure + ECS
|
||||||
#DNS=2620:fe::11#dns11.quad9.net 149.112.112.11#dns11.quad9.net 2620:fe::fe:11#dns11.quad9.net 9.9.9.11#dns11.quad9.net
|
DNS=2620:fe::11#dns11.quad9.net 2620:fe::fe:11#dns11.quad9.net [2620:fe::11]:8853#dns11.quad9.net [2620:fe::fe:11]:8853#dns11.quad9.net
|
||||||
#DNS=[2620:fe::11]:8853#dns11.quad9.net 149.112.112.11:8853#dns11.quad9.net [2620:fe::fe:11]:8853#dns11.quad9.net 9.9.9.11:8853#dns11.quad9.net
|
#DNS=149.112.112.11#dns11.quad9.net 9.9.9.11#dns11.quad9.net 149.112.112.11:8853#dns11.quad9.net 9.9.9.11:8853#dns11.quad9.net
|
||||||
# No Threat Blocking + ECS
|
# No Threat Blocking + ECS
|
||||||
#DNS=9.9.9.12#dns12.quad9.net 149.112.112.12#dns12.quad9.net 2620:fe::12#dns12.quad9.net 2620:fe::fe:12#dns12.quad9.net
|
DNS=2620:fe::12#dns12.quad9.net 2620:fe::fe:12#dns12.quad9.net [2620:fe::12]:8853#dns12.quad9.net [2620:fe::fe:12]:8853#dns12.quad9.net
|
||||||
#DNS=9.9.9.12:8853#dns12.quad9.net 149.112.112.12:8853#dns12.quad9.net [2620:fe::12]:8853#dns12.quad9.net [2620:fe::fe:12]:8853#dns12.quad9.net
|
DNS=9.9.9.12#dns12.quad9.net 149.112.112.12#dns12.quad9.net 9.9.9.12:8853#dns12.quad9.net 149.112.112.12:8853#dns12.quad9.net
|
||||||
#DNSOverTLS=true
|
#DNSOverTLS=true
|
||||||
|
|
||||||
# vim: filetype=systemd
|
# vim: filetype=systemd
|
||||||
|
@ -42,21 +42,21 @@ forward-zone:
|
|||||||
forward-addr: 2606:1a40:1::@853#s0.freedns.controld.com
|
forward-addr: 2606:1a40:1::@853#s0.freedns.controld.com
|
||||||
|
|
||||||
# Quad9 unfiltered, anycast, no ECS, no DNSSEC (Unbound does that)
|
# Quad9 unfiltered, anycast, no ECS, no DNSSEC (Unbound does that)
|
||||||
forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
|
#forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
|
||||||
forward-addr: 2620:fe::fe:10@8853#dns10.quad9.net
|
#forward-addr: 2620:fe::fe:10@8853#dns10.quad9.net
|
||||||
forward-addr: 149.112.112.10@853#dns10.quad9.net
|
forward-addr: 149.112.112.10@853#dns10.quad9.net
|
||||||
forward-addr: 149.112.112.10@8853#dns10.quad9.net
|
forward-addr: 149.112.112.10@8853#dns10.quad9.net
|
||||||
forward-addr: 2620:fe::10@853#dns10.quad9.net
|
#forward-addr: 2620:fe::10@853#dns10.quad9.net
|
||||||
forward-addr: 2620:fe::10@8853#dns10.quad9.net
|
#forward-addr: 2620:fe::10@8853#dns10.quad9.net
|
||||||
forward-addr: 9.9.9.10@853#dns10.quad9.net
|
forward-addr: 9.9.9.10@853#dns10.quad9.net
|
||||||
forward-addr: 9.9.9.10@8853#dns10.quad9.net
|
forward-addr: 9.9.9.10@8853#dns10.quad9.net
|
||||||
# Quad9 unfiltered, anycast, ECS, no DNSSEC (Unbound does that)
|
# Quad9 unfiltered, anycast, ECS, no DNSSEC (Unbound does that)
|
||||||
#forward-addr: 2620:fe::fe:12@853#dns12.quad9.net
|
forward-addr: 2620:fe::fe:12@853#dns12.quad9.net
|
||||||
#forward-addr: 2620:fe::fe:12@8853#dns12.quad9.net
|
forward-addr: 2620:fe::fe:12@8853#dns12.quad9.net
|
||||||
#forward-addr: 9.9.9.12@853#dns12.quad9.net
|
#forward-addr: 9.9.9.12@853#dns12.quad9.net
|
||||||
#forward-addr: 9.9.9.12@8853#dns12.quad9.net
|
#forward-addr: 9.9.9.12@8853#dns12.quad9.net
|
||||||
#forward-addr: 2620:fe::12@853#dns12.quad9.net
|
forward-addr: 2620:fe::12@853#dns12.quad9.net
|
||||||
#forward-addr: 2620:fe::12@8853#dns12.quad9.net
|
forward-addr: 2620:fe::12@8853#dns12.quad9.net
|
||||||
#forward-addr: 149.112.112.12@853#dns12.quad9.net
|
#forward-addr: 149.112.112.12@853#dns12.quad9.net
|
||||||
#forward-addr: 149.112.112.12@8853#dns12.quad9.net
|
#forward-addr: 149.112.112.12@8853#dns12.quad9.net
|
||||||
|
|
||||||
|
@ -17,10 +17,10 @@ forward-zone:
|
|||||||
name: "."
|
name: "."
|
||||||
forward-tls-upstream: yes
|
forward-tls-upstream: yes
|
||||||
## Secure
|
## Secure
|
||||||
forward-addr: 2620:fe::fe@853#dns.quad9.net
|
#forward-addr: 2620:fe::fe@853#dns.quad9.net
|
||||||
forward-addr: 2620:fe::fe@8853#dns.quad9.net
|
#forward-addr: 2620:fe::fe@8853#dns.quad9.net
|
||||||
forward-addr: 2620:fe::9@853#dns.quad9.net
|
#forward-addr: 2620:fe::9@853#dns.quad9.net
|
||||||
forward-addr: 2620:fe::9@8853#dns.quad9.net
|
#forward-addr: 2620:fe::9@8853#dns.quad9.net
|
||||||
forward-addr: 9.9.9.9@853#dns.quad9.net
|
forward-addr: 9.9.9.9@853#dns.quad9.net
|
||||||
forward-addr: 9.9.9.9@8853#dns.quad9.net
|
forward-addr: 9.9.9.9@8853#dns.quad9.net
|
||||||
forward-addr: 149.112.112.112@853#dns.quad9.net
|
forward-addr: 149.112.112.112@853#dns.quad9.net
|
||||||
@ -35,12 +35,12 @@ forward-zone:
|
|||||||
#forward-addr: 9.9.9.10@853#dns10.quad9.net
|
#forward-addr: 9.9.9.10@853#dns10.quad9.net
|
||||||
#forward-addr: 9.9.9.10@8853#dns10.quad9.net
|
#forward-addr: 9.9.9.10@8853#dns10.quad9.net
|
||||||
## Secure + ECS
|
## Secure + ECS
|
||||||
#forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
|
forward-addr: 2620:fe::fe:11@853#dns11.quad9.net
|
||||||
#forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net
|
forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net
|
||||||
#forward-addr: 9.9.9.11@853#dns11.quad9.net
|
#forward-addr: 9.9.9.11@853#dns11.quad9.net
|
||||||
#forward-addr: 9.9.9.11@8853#dns11.quad9.net
|
#forward-addr: 9.9.9.11@8853#dns11.quad9.net
|
||||||
#forward-addr: 2620:fe::11@853#dns11.quad9.net
|
forward-addr: 2620:fe::11@853#dns11.quad9.net
|
||||||
#forward-addr: 2620:fe::11@8853#dns11.quad9.net
|
forward-addr: 2620:fe::11@8853#dns11.quad9.net
|
||||||
#forward-addr: 149.112.112.11@853#dns11.quad9.net
|
#forward-addr: 149.112.112.11@853#dns11.quad9.net
|
||||||
#forward-addr: 149.112.112.11@8853#dns11.quad9.net
|
#forward-addr: 149.112.112.11@8853#dns11.quad9.net
|
||||||
## No Threat Blocking + ECS
|
## No Threat Blocking + ECS
|
||||||
|
@ -4,13 +4,13 @@ client-subnet-zone: "."
|
|||||||
#client-subnet-always-forward: yes
|
#client-subnet-always-forward: yes
|
||||||
# Send different subnet size
|
# Send different subnet size
|
||||||
#max-client-subnet-ipv6: "16"
|
#max-client-subnet-ipv6: "16"
|
||||||
#max-client-subnet-ipv4: "48"
|
max-client-subnet-ipv4: "0"
|
||||||
|
|
||||||
# IP address to send as client subnet. Optionally /CIDR can be appended.
|
# IP address to send as client subnet. Optionally /CIDR can be appended.
|
||||||
#
|
#
|
||||||
# These are actual Moi.fi IP addresses (dynamic, so they will likely
|
# These are actual Moi.fi IP addresses (dynamic, so they will likely
|
||||||
# change very soon and thus kind of become "anonymized" :D)
|
# change very soon and thus kind of become "anonymized" :D)
|
||||||
send-client-subnet: "82.203.160.208/17"
|
#send-client-subnet: "82.203.160.208"
|
||||||
send-client-subnet: "2001:14bb:653:a161:9d7b:be7a:1e40:ad7/29"
|
send-client-subnet: "2001:14bb:653:a161:9d7b:be7a:1e40:ad7"
|
||||||
|
|
||||||
# vim: filetype=unbound.conf
|
# vim: filetype=unbound.conf
|
||||||
|
Loading…
Reference in New Issue
Block a user