Verified Commit 967bbaeb authored by Elias Ojala's avatar Elias Ojala
Browse files

DNS

parent 114dd051
......@@ -9,12 +9,15 @@ permalink: /dns/adblocking
* [UncensoredDNS](https://blog.uncensoreddns.org/dns-servers/) (Denmark + USA)
* [DNS.WATCH](https://dns.watch/) (Germany)
* [SecureDNS](https://securedns.eu/) (**only DoH, DoT and DNSCrypt** which are currently not supported by Blokada/Pi-hole*, Netherlands)
* [SecureDNS](https://securedns.eu/) (Netherlands, **only DoH, [DoT](dot/index.md) and DNSCrypt** which are currently not supported by Blokada/Pi-hole*)
* [Digitale Gesellschaft DNS](https://www.digitale-gesellschaft.ch/dns) (Switzerland, **only DoH and [DoT](dot/index.md)** which are currently not supported by Blokada/Pi-hole*)
\* = Not supported out of the box, requires [DoH client](pihole-doh.md).
You can also run your own resolver with [Unbound](https://nlnetlabs.nl/projects/unbound/about/), very easy to setup (only port has to be changed when used with Pi-hole).
You may also want to use [DNS-over-TLS with Unbound](dot/unbound-linux.md).
### Hosts lists
* [Energized](https://energized.pro/#packs)
......
---
title: DNS-over-TLS on Unbound
permalink: /dns-over-tls/unbound/linux/
---
Filename `/etc/unbound/unbound.conf`
```
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
server:
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 91.239.100.100@853#anycast.censurfridns.dk
forward-addr: 146.185.167.43@853#dot.securedns.eu
```
## Further reading
* [Actually secure DNS over TLS in Unbound](https://www.ctrl.blog/entry/unbound-tls-forwarding)
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment