diff --git a/etc/systemd/resolved.conf.d/90-working-dns.conf b/etc/systemd/resolved.conf.d/90-working-dns.conf index 3014bed5..0d654991 100644 --- a/etc/systemd/resolved.conf.d/90-working-dns.conf +++ b/etc/systemd/resolved.conf.d/90-working-dns.conf @@ -1,8 +1,10 @@ [Resolve] DNS= DNS=::1 127.0.0.1 -DNS=2620:fe::11#dns11.quad9.net 2620:fe::fe:11#dns11.quad9.net [2620:fe::11]:8853#dns11.quad9.net [2620:fe::fe:11]:8853#dns11.quad9.net 149.112.112.11#dns11.quad9.net 9.9.9.11#dns11.quad9.net 149.112.112.11:8853#dns11.quad9.net 9.9.9.11:8853#dns11.quad9.net +DNS=2620:fe::9#dns.quad9.net 2620:fe::fe#dns.quad9.net [2620:fe::9]:8853#dns.quad9.net [2620:fe::fe]:8853#dns.quad9.net +#DNS=2620:fe::11#dns11.quad9.net 2620:fe::fe:11#dns11.quad9.net [2620:fe::11]:8853#dns11.quad9.net [2620:fe::fe:11]:8853#dns11.quad9.net 149.112.112.11#dns11.quad9.net 9.9.9.11#dns11.quad9.net 149.112.112.11:8853#dns11.quad9.net 9.9.9.11:8853#dns11.quad9.net DNS=2a13:1001::86:54:11:201#protective.joindns4.eu 2a13:1001::86:54:11:1#protective.joindns4.eu 86.54.11.201#protective.joindns4.eu 86.54.11.1#protective.joindns4.eu +#DNS=2606:4700:4700::1112#security.cloudflare-dns.com 2606:4700:4700::1002#security.cloudflare-dns.com 1.1.1.2#security.cloudflare-dns.com 1.0.0.2#security.cloudflare-dns.com FallbackDNS= FallbackDNS=::1 127.0.0.1 Domains=~. diff --git a/etc/unbound/unbound.conf.d/dns-over-tls.conf b/etc/unbound/unbound.conf.d/dns-over-tls.conf index 05b30411..5a472517 100644 --- a/etc/unbound/unbound.conf.d/dns-over-tls.conf +++ b/etc/unbound/unbound.conf.d/dns-over-tls.conf @@ -45,24 +45,24 @@ forward-zone: #forward-addr: 2606:1a40:1::@853#s0.freedns.controld.com # Quad9 unfiltered, anycast, no ECS, no DNSSEC (Unbound does that) - #forward-addr: 2620:fe::fe:10@853#dns10.quad9.net - #forward-addr: 2620:fe::fe:10@8853#dns10.quad9.net - #forward-addr: 149.112.112.10@853#dns10.quad9.net - #forward-addr: 149.112.112.10@8853#dns10.quad9.net - #forward-addr: 2620:fe::10@853#dns10.quad9.net - #forward-addr: 2620:fe::10@8853#dns10.quad9.net - #forward-addr: 9.9.9.10@853#dns10.quad9.net - #forward-addr: 9.9.9.10@8853#dns10.quad9.net + forward-addr: 2620:fe::fe:10@853#dns10.quad9.net + forward-addr: 2620:fe::fe:10@8853#dns10.quad9.net + forward-addr: 149.112.112.10@853#dns10.quad9.net + forward-addr: 149.112.112.10@8853#dns10.quad9.net + forward-addr: 2620:fe::10@853#dns10.quad9.net + forward-addr: 2620:fe::10@8853#dns10.quad9.net + forward-addr: 9.9.9.10@853#dns10.quad9.net + forward-addr: 9.9.9.10@8853#dns10.quad9.net # Quad9 unfiltered, anycast, ECS, no DNSSEC (Unbound does that) #forward-addr: 2620:fe::fe:12@853#dns12.quad9.net - forward-addr: 2620:fe::fe:12@8853#dns12.quad9.net + #forward-addr: 2620:fe::fe:12@8853#dns12.quad9.net #forward-addr: 9.9.9.12@853#dns12.quad9.net - forward-addr: 9.9.9.12@8853#dns12.quad9.net + #forward-addr: 9.9.9.12@8853#dns12.quad9.net #forward-addr: 2620:fe::12@853#dns12.quad9.net - forward-addr: 2620:fe::12@8853#dns12.quad9.net + #forward-addr: 2620:fe::12@8853#dns12.quad9.net #forward-addr: 149.112.112.12@853#dns12.quad9.net - forward-addr: 149.112.112.12@8853#dns12.quad9.net + #forward-addr: 149.112.112.12@8853#dns12.quad9.net # Adguard DNS Unfiltered Anycast. Malta based. Private ECS. forward-addr: 2a10:50c0::1:ff@853#unfiltered.adguard-dns.com diff --git a/etc/unbound/unbound.conf.d/dot-cloudflare-dns4eu-quad9.conf b/etc/unbound/unbound.conf.d/dot-cloudflare-dns4eu-quad9.conf index 4d5a157b..d24515aa 100644 --- a/etc/unbound/unbound.conf.d/dot-cloudflare-dns4eu-quad9.conf +++ b/etc/unbound/unbound.conf.d/dot-cloudflare-dns4eu-quad9.conf @@ -26,15 +26,25 @@ forward-zone: forward-addr: 1.1.1.2@853#security.cloudflare-dns.com forward-addr: 1.0.0.2@853#security.cloudflare-dns.com + # Quad9 malicious domain blocking without ECS + forward-addr: 2620:fe::fe@8853#dns.quad9.net + forward-addr: 2620:fe::9@8853#dns.quad9.net + forward-addr: 9.9.9.9@8853#dns.quad9.net + forward-addr: 149.112.112.112@8853#dns.quad9.net + forward-addr: 2620:fe::fe@853#dns.quad9.net + forward-addr: 2620:fe::9@853#dns.quad9.net + forward-addr: 9.9.9.9@853#dns.quad9.net + forward-addr: 149.112.112.112@853#dns.quad9.net + # Quad9 malicious domain blocking with ECS - forward-addr: 2620:fe::fe:11@853#dns11.quad9.net - forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net - forward-addr: 9.9.9.11@853#dns11.quad9.net - forward-addr: 9.9.9.11@8853#dns11.quad9.net - forward-addr: 2620:fe::11@853#dns11.quad9.net - forward-addr: 2620:fe::11@8853#dns11.quad9.net - forward-addr: 149.112.112.11@853#dns11.quad9.net - forward-addr: 149.112.112.11@8853#dns11.quad9.net + #forward-addr: 2620:fe::fe:11@853#dns11.quad9.net + #forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net + #forward-addr: 9.9.9.11@853#dns11.quad9.net + #forward-addr: 9.9.9.11@8853#dns11.quad9.net + #forward-addr: 2620:fe::11@853#dns11.quad9.net + #forward-addr: 2620:fe::11@8853#dns11.quad9.net + #forward-addr: 149.112.112.11@853#dns11.quad9.net + #forward-addr: 149.112.112.11@8853#dns11.quad9.net # DNS4EU malicious domain blocking forward-addr: 2a13:1001::86:54:11:201@853#protective.joindns4.eu diff --git a/etc/unbound/unbound.conf.d/dot-dns4eu-quad9.conf b/etc/unbound/unbound.conf.d/dot-dns4eu-quad9.conf index 2fac30b3..7c8c7bc8 100644 --- a/etc/unbound/unbound.conf.d/dot-dns4eu-quad9.conf +++ b/etc/unbound/unbound.conf.d/dot-dns4eu-quad9.conf @@ -15,23 +15,23 @@ forward-zone: name: "." forward-tls-upstream: yes ## Quad9 Secure - #forward-addr: 2620:fe::fe@8853#dns.quad9.net - #forward-addr: 2620:fe::9@8853#dns.quad9.net - #forward-addr: 9.9.9.9@8853#dns.quad9.net - #forward-addr: 149.112.112.112@8853#dns.quad9.net - #forward-addr: 2620:fe::fe@853#dns.quad9.net - #forward-addr: 2620:fe::9@853#dns.quad9.net - #forward-addr: 9.9.9.9@853#dns.quad9.net - #forward-addr: 149.112.112.112@853#dns.quad9.net + forward-addr: 2620:fe::fe@8853#dns.quad9.net + forward-addr: 2620:fe::9@8853#dns.quad9.net + forward-addr: 9.9.9.9@8853#dns.quad9.net + forward-addr: 149.112.112.112@8853#dns.quad9.net + forward-addr: 2620:fe::fe@853#dns.quad9.net + forward-addr: 2620:fe::9@853#dns.quad9.net + forward-addr: 9.9.9.9@853#dns.quad9.net + forward-addr: 149.112.112.112@853#dns.quad9.net # Quad9 Secure + ECS - forward-addr: 2620:fe::fe:11@853#dns11.quad9.net - forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net - forward-addr: 9.9.9.11@853#dns11.quad9.net - forward-addr: 9.9.9.11@8853#dns11.quad9.net - forward-addr: 2620:fe::11@853#dns11.quad9.net - forward-addr: 2620:fe::11@8853#dns11.quad9.net - forward-addr: 149.112.112.11@853#dns11.quad9.net - forward-addr: 149.112.112.11@8853#dns11.quad9.net + #forward-addr: 2620:fe::fe:11@853#dns11.quad9.net + #forward-addr: 2620:fe::fe:11@8853#dns11.quad9.net + #forward-addr: 9.9.9.11@853#dns11.quad9.net + #forward-addr: 9.9.9.11@8853#dns11.quad9.net + #forward-addr: 2620:fe::11@853#dns11.quad9.net + #forward-addr: 2620:fe::11@8853#dns11.quad9.net + #forward-addr: 149.112.112.11@853#dns11.quad9.net + #forward-addr: 149.112.112.11@8853#dns11.quad9.net # DNS4EU Protective forward-addr: 2a13:1001::86:54:11:201@853#protective.joindns4.eu forward-addr: 2a13:1001::86:54:11:1@853#protective.joindns4.eu