Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2025-11-04 03:17:34 +01:00
Code Issues Projects Releases Wiki Activity
shell-things/etc/unbound/unbound.conf.d/dns-over-tls.conf

74 lines
3.1 KiB
Plaintext
Raw Blame History

server:
# Debian ca-certificates location
#tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
# Fedora location
#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
# Use system certificates no matter where they are
tls-system-cert: yes
# Quad9 says pointless performance impact on forwarders.
# https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-qname-minimization
qname-minimisation: no
# This file keeps changing purpose between being just for my travel laptop
# and sometimes helps when I cannot decide what is important in a DNS server.
# - applied-privacy.net provides DoT over 443 and tells you to use multiple
# servers for redundancy.
# - cloudflare-dns.com contributes to https://radar.cloudflare.com which gets
# used by many others including PrivacyBadger most popular domains for its
# badgersett pretraining
forward-zone:
name: "."
forward-tls-upstream: yes
# https://appliedprivacy.net/services/dns/ - Vienna, Austria, no ECS
forward-addr: 2a02:1b8:10:234::2@443#dot1.applied-privacy.net
forward-addr: 146.255.56.98@443#dot1.applied-privacy.net
#forward-addr: 2a02:1b8:10:234::2@853#dot1.applied-privacy.net
#forward-addr: 146.255.56.98@853#dot1.applied-privacy.net
# Cloudflare unfiltered, anycast, no ECS
forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
forward-addr: 1.1.1.1@853#cloudflare-dns.com
forward-addr: 1.0.0.1@853#cloudflare-dns.com
# Mullvad unfiltered, Anycast Sweden, no ECS
#forward-addr: 194.242.2.2@853#dns.mullvad.net
#forward-addr: 2a07:e340::2@853#dns.mullvad.net
# Control D Free DNS unfilterd, anycast, no ECS
#forward-addr: 76.76.2.0@853#p0.freedns.controld.com
#forward-addr: 2606:1a40::@853#s0.freedns.controld.com
#forward-addr: 76.76.10.0@853#p0.freedns.controld.com
#forward-addr: 2606:1a40:1::@853#s0.freedns.controld.com
# Quad9 unfiltered, anycast, no ECS, no DNSSEC (Unbound does that)
forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
forward-addr: 2620:fe::fe:10@8853#dns10.quad9.net
forward-addr: 149.112.112.10@853#dns10.quad9.net
forward-addr: 149.112.112.10@8853#dns10.quad9.net
forward-addr: 2620:fe::10@853#dns10.quad9.net
forward-addr: 2620:fe::10@8853#dns10.quad9.net
forward-addr: 9.9.9.10@853#dns10.quad9.net
forward-addr: 9.9.9.10@8853#dns10.quad9.net
# Quad9 unfiltered, anycast, ECS, no DNSSEC (Unbound does that)
#forward-addr: 2620:fe::fe:12@853#dns12.quad9.net
#forward-addr: 2620:fe::fe:12@8853#dns12.quad9.net
#forward-addr: 9.9.9.12@853#dns12.quad9.net
#forward-addr: 9.9.9.12@8853#dns12.quad9.net
#forward-addr: 2620:fe::12@853#dns12.quad9.net
#forward-addr: 2620:fe::12@8853#dns12.quad9.net
#forward-addr: 149.112.112.12@853#dns12.quad9.net
#forward-addr: 149.112.112.12@8853#dns12.quad9.net
# Adguard DNS Unfiltered Anycast. Malta based. Private ECS.
forward-addr: 2a10:50c0::1:ff@853#unfiltered.adguard-dns.com
forward-addr: 2a10:50c0::2:ff@853#unfiltered.adguard-dns.com
forward-addr: 94.140.14.140@853#unfiltered.adguard-dns.com
forward-addr: 94.140.14.141@853#unfiltered.adguard-dns.com
# vim: filetype=unbound.conf
Reference in New Issue View Git Blame Copy Permalink