Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Howto use Cloudflare DNS ?

    DHCP and DNS
    2
    2
    284
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bgroper
      last edited by bgroper

      Hi forum
      I seen this page.
      https://www.netgate.com/blog/dns-over-tls-with-pfsense.html

      I'm trying to use the Cloudflare DNS servers at 1.1.1.3 and 1.0.0.3.
      Added those DNS Servers in System, General Setup. (Having just a single WAN connection)
      Also, Services, DNS Resolver, General Settings :
      DNS Query Forwarding : Ticked = Enable Forwarding Mode, Ticked = Use SSL/TLS for outgoing DNS Queries

      Is there some way to check whether this is working as intended ?
      It seems my LAN clients can still dig xxx.com, sexy.com, etc.

      Thx's for any tips or clues.

      I'm not a complete idiot. There's still a few pieces missing.

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by Gertjan

        Hi,

        The tip from 2 days ago was :

        84c0d552-fd3d-40ce-8a14-6e81064b9137-image.png

        (click to see the blog, and Q&A)

        So I guess DOT is still in the works.

        Btw : the reverse of 1.1.1.3 doesn't even exist yet - neither for 1.0.0.3.
        Take note that the tld '.three' doesn't exist.

        The blog you mentioned is old : DOT is TLS based, so it needs a valid host name - the one that is also embedded into the cert they present to you.

        So, when you use 1.1.1.1 it would be set up as

        ba56f67a-c0e0-485b-a97f-4cf9bcd0068a-image.png

        edit : I guess 1.1.1.3 etc can be sued, just not yet using TLS.

        edit again :

        @bgroper said in Howto use Cloudflare DNS ?:

        Is there some way to check whether this is working as intended ?

        Yep, I understand that you didn't liked this :

        c3860986-36f5-4d1f-98fd-58455cfe1e6b-image.png

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post