DNS over TLS Failing with Quad9 using Unbound



  • So I'm using 9.9.9.9 and I can telnet to the address when logged into the firewall and can also grab the certs using openssl. So it's not getting blocked anywhere to my knowledge. I didn't see anything in the firewall rules either.

    My configuration
    General Settings DNS Servers:

    • 9.9.9.9
    • 149.112.112.112

    I had Disable DNS Forwarder turned both on and off and it had no effect on unbound's inability to resolve an address over TLS.

    Unbound Configuration

    • Enable DNS Resolver: Checked
    • Respond to incoming SSL/TLS queries from local clients (this won't happen, but I turned it on)
    • SSL/TLS Cert: webConfigurator
    • Network Interfaces: All
    • Outgoing Network Interfaces: WAN
    • System Domain Local Zone Type: Transparent
    • DNSSEC: Checked
    • DNS Query Forwarding: Checked
    • Use SSL/TLS for outgoing DNS Queries to Forwarding Servers: Checked (This breaks things)
    • DHCP Registration: Checked

    Custom (not sure this is needed anymore with the UI Setting):

    server:
        log-replies: yes
    forward-zone:
        name: "."
        forward-ssl-upstream: yes
        forward-addr: 9.9.9.9@853
        forward-addr: 149.112.112.112@853

    What should I be looking for to fix this issue?


 
