DNS Resolver DNSCrypt with OpenDNS Configuration
-
BACKGROUND
I've been trying to get DNS over TLS to work with OpenDNS, and wanted someone to confirm my configuration.
- OpenDNS supports DNSCrypt via ports 53, 5353, and 443
- Already have OpenDNS servers configured under General Settings and disable ISP override
- DNS Resolver running.
- Enabled SSL/TLS for outgoing DNS Queries to Forwarding Servers
- Added the following custom settings to force use of 443 vs default 853
forward-zone: name: "." forward-addr: 208.67.222.222@443 forward-addr: 208.67.220.220@443
- Confirmed with packet capture WAN side DNS queries to OpenDNS are over port 443
QUESTION
Do I have it configured correctly?
-
UPDATE
Apparently OpenDNS is using a different encryption library.
https://www.opendns.com/about/innovations/dnscrypt/