How to configure DNS over TLS in 2.4.4?
wgstarks last edited by wgstarks
I've read the Netgate blog post regarding enabling this feature in 2.4.3. At the end of the post it states that custom options will not be necessary in 2.4.4. Not exactly sure what is necessary though.
I entered the Cloudflare and Quad9 servers in DNS Server settings.
I'm a little vague on what to check for DNS Resolver settings though.
TheNarc last edited by TheNarc
If you want the firewall itself to only use the DNS servers that you specify in System > General, then you'll want to uncheck the "Allow DNS server list to be overridden by DHCP/PPP on WAN" option.
For DNS over TLS, you need to put unbound into forwarding mode. Check the "Enable Forwarding Mode" and "Use SSL/TLS for outgoing DNS Queries to Forwarding Servers" options. 2.4.3 didn't have that latter check box, and instead you needed to add custom options for DNS over TLS, so that's what the post you mention was referring to.
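Added example, not part of the thread and not pfSense's own code: a small audit of an unbound.conf text that checks whether the root zone is forwarded over TLS with an explicit port 853 on every forwarder. It assumes the two checkboxes end up as unbound's standard `forward-zone` options in the generated config; the function name and both sample configs are constructed for illustration.

```python
# Constructed sample configs (illustrative, not copied from a real firewall).
SAMPLE_TLS = """
server:
    verbosity: 1
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 1.1.1.1@853
    forward-addr: 9.9.9.9@853
"""
SAMPLE_PLAIN = """
forward-zone:
    name: "."
    forward-addr: 1.1.1.1
    forward-addr: 9.9.9.9@853
"""
ZONE_TLS_KEYS = {"forward-tls-upstream", "forward-ssl-upstream"}
GLOBAL_TLS_KEYS = {"tls-upstream", "ssl-upstream"}

def audit_dot_forwarding(conf_text):
    """Return a list of findings; an empty list means '.' is forwarded over TLS."""
    global_tls, zones, clause = False, [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # '#' inside forward-addr is an auth name
            continue
        key, _, value = line.partition(":")    # first colon only, so IPv6 values survive
        key, value = key.strip(), value.strip().strip('"')
        if not value:                          # clause header such as "forward-zone:"
            clause = key
            if clause == "forward-zone":
                zones.append({"name": None, "tls": False, "addrs": []})
        elif clause == "server" and key in GLOBAL_TLS_KEYS:
            global_tls = value == "yes"
        elif clause == "forward-zone":
            if key == "name":
                zones[-1]["name"] = value
            elif key in ZONE_TLS_KEYS:
                zones[-1]["tls"] = value == "yes"
            elif key == "forward-addr":
                zones[-1]["addrs"].append(value)
    root = [z for z in zones if z["name"] == "."]
    if not root:
        return ['no forward-zone for ".": forwarding mode is not enabled']
    findings = []
    for zone in root:
        if not (zone["tls"] or global_tls):
            findings.append("root forward-zone does not enable TLS upstream")
        for addr in zone["addrs"]:
            host, _, port = addr.split("#", 1)[0].partition("@")
            if port != "853":
                findings.append(f"{host}: port is {port or 'unspecified'}, expected 853")
    return findings
```

Run it against the resolver's generated config text; any finding means at least one forwarder is not explicitly configured for TLS on port 853.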
P3R last edited by P3R
For DNS over TLS, you need to put unbound into forwarding mode.
In the blog post it's specifically mentioned that forwarding mode "must be disabled".
TheNarc last edited by
That's only because in the blog post, which applies to 2.4.3, you put it into forwarding mode using custom options.
wgstarks last edited by
Thanks for the info.