Comments (2)
For the ssl-upstream setup, the config is wrong:
ssl-service-key: "/etc/ssl/certs/ca-certificates.crt"
This should be the private key, and ssl-service-pem
the public key, of your tls service (for downstream TLS, by the way, not upstream).
The ca certificates go into an option called tls-cert-bundle
, which was introduced in version 1.7.1 I think, so 1.6.0 is not going to work. For the upstream connection itself, you have to also specify where it goes, I mean, like the forward-addr destination. Here is a configuration example for tls upstream, in the 1.7.1 release anouncement. https://nlnetlabs.nl/news/2018/May/03/unbound-1.7.1-released/
from unbound.
about the vpn part of the quesiton,
it seems that my vpn is hijacking all dns queries besides those sent through some port.
How would I specify port 1400 udp and 1401 tcp for example? maybe I can't specify the protocol ?
EDIT: no need to contraint unbound to certain port, I had to connect to the vpn server to a specific port to apparently not having that system put in place by the vpn provider(absurd IMO). so for the vpn part it is resolved, there is still the problem with the ssl-upstream, I suppose I didn't configure that correctly? but checkconf didn't notice me of any errors.
from unbound.
Related Issues (20)
- fatal error: Could not initialize thread / error: reading root hints HOT 8
- a heap-buffer-overflow issue in function cfg_mark_ports of file util/config_file.c
- Unable to resolve .eu TLD HOT 5
- Low Throughput Issue with unbound DNS over TLS on Ubuntu 22.04 HOT 14
- unbound compiling question HOT 5
- Option for unbound-control list_forwards to list IPv6 only or IPv4 only upsreams
- 在配置EDNS Client Subnet 后部分域名无法获取DNS解析 HOT 9
- There are memory leaks with SIGHUP HOT 6
- [FR] Introduce libunbound-control library for external consumers HOT 2
- [FR] Does latest unbound to supports on Ubuntu 24.04 HOT 1
- Intermittent DNS blocking failure with local-zone and always_nxdomain HOT 21
- [SERVFAIL] Unbound with DoT enabled fails to resolve certain websites HOT 4
- [FR] Managing Cache Deletion and Fallback to Forwarding During Unbound Recursive DNS Failures
- [BUG] Problems to build unbound with nghttp2 and OpenSSL 3.3.0 / 3.2.1 HOT 3
- Unbound 1.20 Cachedb broken? HOT 30
- SHOULD in section 4.2 of RFC 9460 not implemented
- Unbound cache question because I'm confused HOT 2
- Chroot location question HOT 1
- Unbound 1.20 crashes in less than one hour, in libevent HOT 3
- [FR] Clear both in-memory and `cachedb` module cache with `unbound-control flush*` commands HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from unbound.