DNS over TLS Failing with Quad9 using Unbound
So I'm using 9.9.9.9 and I can telnet to the address when logged into the firewall and can also grab the certs using openssl. So it's not getting blocked anywhere to my knowledge. I didn't see anything in the firewall rules either.
My configuration
General Settings DNS Servers:
- 9.9.9.9
- 149.112.112.112
I had Disable DNS Forwarder turned both on and off and it had no effect on unbound's inability to resolve an address over TLS.
Unbound Configuration
- Enable DNS Resolver: Checked
- Respond to incoming SSL/TLS queries from local clients (this won't happen, but I turned it on)
- SSL/TLS Cert: webConfigurator
- Network Interfaces: All
- Outgoing Network Interfaces: WAN
- System Domain Local Zone Type: Transparent
- DNSSEC: Checked
- DNS Query Forwarding: Checked
- Use SSL/TLS for outgoing DNS Queries to Forwarding Servers: Checked (This breaks things)
- DHCP Registration: Checked
Custom (not sure this is needed anymore with the UI Setting):
    server:
        log-replies: yes
    forward-zone:
        name: "."
        forward-ssl-upstream: yes
        forward-addr: 9.9.9.9@853
        forward-addr: 149.112.112.112@853

What should I be looking for to fix this issue?
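
Added example, not part of the original post: a minimal DNS-over-TLS probe for the forwarders listed above (port 853), going one step past the telnet and openssl checks by sending a real length-prefixed query over a verified TLS session and returning the RCODE. The function names, the `example.com` query name and the sample reply are assumptions made for illustration.

```python
import socket, ssl, struct

def build_query(name, qtype=1, txid=0x1234):
    """Length-prefixed DNS query (TCP/DoT framing), RD set, class IN."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!2H", qtype, 1)
    return struct.pack("!H", len(msg)) + msg

def parse_reply(framed):
    """Return (txid, rcode, answer_count) from a length-prefixed reply."""
    if len(framed) < 14:
        raise ValueError("reply shorter than prefix + DNS header")
    (length,) = struct.unpack("!H", framed[:2])
    if length != len(framed) - 2:
        raise ValueError("length prefix does not match payload")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", framed[2:14])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    return txid, flags & 0x000F, an

def recv_exact(sock, n):
    """Read exactly n bytes; TLS records may split the reply."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the TLS stream early")
        buf += chunk
    return buf

def probe(server, auth_name=None, qname="example.com", timeout=5.0):
    """One verified DoT query to server:853 -> (tls_version, txid, rcode, answers)."""
    ctx = ssl.create_default_context()  # verifies the chain and the name or IP
    with socket.create_connection((server, 853), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=auth_name or server) as tls:
            tls.sendall(build_query(qname))
            prefix = recv_exact(tls, 2)
            body = recv_exact(tls, struct.unpack("!H", prefix)[0])
            return (tls.version(),) + parse_reply(prefix + body)

# Constructed sample: header-only SERVFAIL reply (QR|RD|RA, rcode 2), no answers.
SAMPLE_SERVFAIL = struct.pack("!H6H", 12, 0x1234, 0x8182, 1, 0, 0, 0)

if __name__ == "__main__":
    print(build_query("example.com").hex())
    print(parse_reply(SAMPLE_SERVFAIL))
    # Run on the firewall itself: print(probe("9.9.9.9"))
```

An RCODE of 0 with at least one answer means the DoT path from the firewall works and the problem is on the unbound side; an `ssl.SSLCertVerificationError` or a timeout points at certificate validation or the network path instead.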