DNS-TLS using Quad 9 (Noob question)

I just upgraded my pfSense and turned on DNS-SSL/TLS. I enabled port 853 and 53 in my VLAN rules allowing access to the VLAN address (followed by a block on all other access to 853 and 53).

Below is what I am trying to do (thanks occamrazor for the help):

I was playing around and removed port 53 from my rules in an attempt to try to force all DNS traffic with SSL/TLS through Quad9 (which does support DNS-SSL/TLS).

While I didn't test many sites, I noticed I was only able to navigate to Google with only 853 enabled. Despite the fact that I am using Quad9, which does support DNS-SSL/TLS, does the actual website itself need to support DNS-SSL/TLS?

In other words, do I need to allow port 53 and 853 to effectively make this functional?

I know this feature is new but wanted to ask...
