From nobody Tue May 30 20:30:32 2023 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QW3tf6LnZz4Y6h3 for ; Tue, 30 May 2023 20:30:34 +0000 (UTC) (envelope-from des@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QW3tf5xsnz4Km2; Tue, 30 May 2023 20:30:34 +0000 (UTC) (envelope-from des@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1685478634; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Sv6UN83zkouw3bsiS+5JXeHf56aAwrt0fU43D0fER68=; b=rZj8u1zomGVnj3/A8sGX4dp8mqilhbEqAh79FaR6s7ATvV5lmvdOr94UG5/fvrGbHBV2Q+ fSaRlQwz0dD177ItAeOmwulZMD5NQgzwWD7wShYTP1ESPw6zrtW7PLBD6SVi2dnOfQjERH xU0yxQCOJZ2uzdSvJo6bhjDPoIpMLdNRgZxy61V2J5lebAg/7ya7QwlmAN4Az9U1D0rxZx v4tC05aP2SazvUbezvZ7XLE4/Y3Q/bcVpdohL/RB7huD1/SVHYGy53fx+PnbaXFHMTv/tv 4X/xOFngDAAljhjyxgP7F/xdnKC6W4+GB4BHPsW9eYkPbumRdMbDFr4QZXzFJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1685478634; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Sv6UN83zkouw3bsiS+5JXeHf56aAwrt0fU43D0fER68=; b=IdK38Mmb32deXJwjh2m6fz/sJkwBr3nYaRQEUNtoEWjMvtWbRXTVjIFBKhoh02RRodWa3R MP8/5fnRCQvjKmiZkbK0Y+c+OqsAhRuF+anvlbRuMTWI7gkkoWStKcT7Kj6kjcIW5zc9Pl FvKZ6iD2Zn3ChCIOGm/VdpskcG/Z04kMBgNhbn88uhRAsbUhCwN+DPe1p5Cdd76IxaA38h /vzXHjf7F76tbBmEOzP+0eqd2uJylKvyEEkM4Moq44oRVsOwvjjk2wp9Wbe1L4bc2aS63U Ag/MEIhbiEKHHHd7JwO2x2O6t0Oz+T/987oRJkWAqM0plcTO/cs1eoLMGDQd2g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1685478634; a=rsa-sha256; cv=none; b=hzfoxQ3fCeif8FPhy6ctq1LFDPKNHPIjWZHpvb2MG18uzsDWWeOnNnIV/Dy86dipCWjZnY oKwy4GeSC84UeoyiYX7ZvSYglKCgvSN31Xzc+e5eoi/83KvMbBQkEAi5k4IdA+j4vaPZDn BVVW/NWTOU6QxP8wEvDhMLNslHyQ9cAjsZAmVDlQV6Oi00PiP9m5R6fgyXof9RpHivYlGq JIP4UAE5sEly2YJJcfdyws/hZE8ct/x0jXC7oiAv2IhZoQ+b00qoA3eI8d2J/vwSZQCMrO 9v15909PEu7hlF6r+dEmRvZ88NqxRrHsTahoIPkKghU3GzP+cNAfQ0LC+Fu+Ew== Received: from ltc.des.no (125.22.65.37.rev.sfr.net [37.65.22.125]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: des) by smtp.freebsd.org (Postfix) with ESMTPSA id 4QW3tf4QSBzn7X; Tue, 30 May 2023 20:30:34 +0000 (UTC) (envelope-from des@freebsd.org) Received: by ltc.des.no (Postfix, from userid 1001) id 034F1E02A5; Tue, 30 May 2023 22:30:33 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: "Dave Cottlehuber" Cc: questions@freebsd.org Subject: Re: unbound In-Reply-To: <6538db87-9927-4bd9-a837-d66137c933a3@app.fastmail.com> (Dave Cottlehuber's message of "Mon, 15 May 2023 05:09:35 +0000") References: <20230513053351.6e101f66@dismail.de> <4d7fe7b8-bbd5-e10d-41ee-2b6d46ddb39a@slagle.net> <20230513174552.6d1a05e8@dismail.de> <6538db87-9927-4bd9-a837-d66137c933a3@app.fastmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (berkeley-unix) Date: Tue, 30 May 2023 22:30:32 +0200 Message-ID: <86mt1lk1ef.fsf@ltc.des.no> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-ThisMailContainsUnwantedMimeParts: N "Dave Cottlehuber" writes: > https://support.quad9.net/hc/en-us/articles/7200715305997-DNS-over-TLS-Fr= eeBSD-with-local-unbound > has a full config on their site, which can be summarised as defaults + This is bad advice, please see this instead: https://blog.des.no/2018/10/dns-over-tls-in-freebsd-12/ (just replace the cloudflare addresses with quad9 addresses) DES --=20 Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org