From nobody Mon May 15 08:42:55 2023 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QKXvF5v09z4BMWs for ; Mon, 15 May 2023 08:43:05 +0000 (UTC) (envelope-from lumiwa@dismail.de) Received: from mx1.dismail.de (mx1.dismail.de [78.46.223.134]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4QKXvD2wVYz3njS for ; Mon, 15 May 2023 08:43:04 +0000 (UTC) (envelope-from lumiwa@dismail.de) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=dismail.de header.s=20190914 header.b=U2hoq8PZ; spf=pass (mx1.freebsd.org: domain of lumiwa@dismail.de designates 78.46.223.134 as permitted sender) smtp.mailfrom=lumiwa@dismail.de; dmarc=pass (policy=reject) header.from=dismail.de Received: from mx1.dismail.de (localhost [127.0.0.1]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 331017c2 for ; Mon, 15 May 2023 10:43:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=dismail.de; h=date:from :to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; s=20190914; bh=cPP1Bk3v 6j3U3x5OJ4r/0fcmByvDRfeSV0kEtYT0Xc0=; b=U2hoq8PZrLjJ5XRt5mYre8Mk 9PtqmlbF1gakTTt4SQbZe7n+imO+TLl53hbWMtyOLRcS+mDes9A4qwY/5Yr0QEbO PEd8vw844PmovJelNErIker5ORMm7cB3q/9HxF5RVD0O7DidbYfSw788C/TYDtUF F3frXV4ti65/S/yjghAb3KqQpBrUmgY850WOR62GCo7W8OPcHCELYblcp3MsI6Og Y6D5oo5gBC3y30Kv6DnJBCdniVh3IKLQGB5RpneYFaSVE5s5PE5GUbrEJ66DtRgM 0srCw1x3ICKPy/skzwJF0hkX6Tcc4Budib+BWQ38M7JCRJNhaHwqRJasq3xfKw== Received: from smtp2.dismail.de ( [10.240.26.12]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 5b347b5d for ; Mon, 15 May 2023 10:43:01 +0200 (CEST) Received: from smtp2.dismail.de (localhost [127.0.0.1]) by smtp2.dismail.de (OpenSMTPD) with ESMTP id edaffeb6 for ; Mon, 15 May 2023 10:43:01 +0200 (CEST) Received: by dismail.de (OpenSMTPD) with ESMTPSA id 67423611 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for ; Mon, 15 May 2023 10:43:00 +0200 (CEST) Date: Mon, 15 May 2023 04:42:55 -0400 From: LuMiWa To: questions@freebsd.org Subject: Re: unbound Message-ID: <20230515044255.70c50a23@dismail.de> In-Reply-To: <6538db87-9927-4bd9-a837-d66137c933a3@app.fastmail.com> References: <20230513053351.6e101f66@dismail.de> <4d7fe7b8-bbd5-e10d-41ee-2b6d46ddb39a@slagle.net> <20230513174552.6d1a05e8@dismail.de> <6538db87-9927-4bd9-a837-d66137c933a3@app.fastmail.com> X-Mailer: Claws Mail 3.19.0 (GTK+ 2.24.33; amd64-portbld-freebsd13.1) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Result: default: False [-5.10 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DWL_DNSWL_LOW(-1.00)[dismail.de:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; DMARC_POLICY_ALLOW(-0.50)[dismail.de,reject]; R_DKIM_ALLOW(-0.20)[dismail.de:s=20190914]; R_SPF_ALLOW(-0.20)[+ip4:78.46.223.134]; RCVD_IN_DNSWL_LOW(-0.10)[78.46.223.134:from]; MIME_GOOD(-0.10)[text/plain]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:24940, ipnet:78.46.0.0/15, country:DE]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; DKIM_TRACE(0.00)[dismail.de:+]; RCPT_COUNT_ONE(0.00)[1]; TO_DN_NONE(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[] X-Rspamd-Queue-Id: 4QKXvD2wVYz3njS X-Spamd-Bar: ----- X-ThisMailContainsUnwantedMimeParts: N On Mon, 15 May 2023 05:09:35 +0000 "Dave Cottlehuber" wrote: > On Sat, 13 May 2023, at 21:45, LuMiWa wrote: > >> > It worked years without problem but this weeks stopped. I remowed > >> > forward-tls... and port 853 and it works again but it is not the > >> > same. > >> >=20 > >> > Thank you. >=20 > What doesn't work, specifically? When you run unbound in the > foreground, do you see any errors? >=20 > For debugging, stop local_unbound, add `logfile: ""` to your `server:` > block in unbound.conf, and then run it in foreground: >=20 > /usr/sbin/local-unbound -c /var/unbound/unbound.conf -dvvvv >=20 > Adjust -v as required. >=20 > https://support.quad9.net/hc/en-us/articles/7200715305997-DNS-over-TLS-Fr= eeBSD-with-local-unbound > has a full config on their site, which can be summarised as defaults + >=20 > forward-zone: > name: "." > forward-tls-upstream: yes # Use DNS-over-TLS > forward-first: no # do NOT send direct >=20 > # 9.9.9.9 - Threat-blocking with DNSSEC > forward-addr: 9.9.9.9@853#dns.quad9.net > forward-addr: 149.112.112.112@853#dns.quad9.net >=20 > A+ > Dave >=20 I will do but as I wrote before I am using unbound from ports. --=20 =E2=80=9CIt is the time you have wasted for your rose that makes your rose = so important.=E2=80=9D =E2=80=95 Antoine de Saint-Exup=C3=A9ry, The Little Prince=20