From f878041e2ed211563b952c2b5c99bb9823c9e747 Mon Sep 17 00:00:00 2001 From: Mikaela Suomalainen Date: Thu, 29 Oct 2020 16:24:52 +0200 Subject: [PATCH] unbound/dns-over-tls.conf: reverse order of providers It seems to have some (small?) relevance to where queries go to. --- etc/unbound/unbound.conf.d/dns-over-tls.conf | 24 ++++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/etc/unbound/unbound.conf.d/dns-over-tls.conf b/etc/unbound/unbound.conf.d/dns-over-tls.conf index d4b1b75b..2007e0ae 100644 --- a/etc/unbound/unbound.conf.d/dns-over-tls.conf +++ b/etc/unbound/unbound.conf.d/dns-over-tls.conf @@ -21,18 +21,6 @@ forward-zone: name: "." forward-tls-upstream: yes - ## DNS-over-TLS on port 443, no filtering. Mainly useful for traveling - ## laptops? - # https://appliedprivacy.net/services/dns/ - Vienna, Austria - #forward-addr: 2a02:1b8:10:234::2@443#dot1.applied-privacy.net - #forward-addr: 146.255.56.98@443#dot1.applied-privacy.net - - # Cloudflare DNS - anycast - forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com - forward-addr: 1.1.1.1@853#cloudflare-dns.com - forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com - forward-addr: 1.0.0.1@853#cloudflare-dns.com - # Quad9 - Anycast, USA based # Non filtering "insecure" servers without DNSSEC, but that is done # by Unbound locally anyway. @@ -41,3 +29,15 @@ forward-zone: forward-addr: 2620:fe::10@853#dns10.quad9.net forward-addr: 149.112.112.10@853#dns10.quad9.net + # Cloudflare DNS - anycast + forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com + forward-addr: 1.1.1.1@853#cloudflare-dns.com + forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com + forward-addr: 1.0.0.1@853#cloudflare-dns.com + + ## DNS-over-TLS on port 443, no filtering. Mainly useful for traveling + ## laptops? + # https://appliedprivacy.net/services/dns/ - Vienna, Austria + #forward-addr: 2a02:1b8:10:234::2@443#dot1.applied-privacy.net + #forward-addr: 146.255.56.98@443#dot1.applied-privacy.net +