diff --git a/client-conf/README.md b/client-conf/README.md index d452afb..b6d1e3e 100755 --- a/client-conf/README.md +++ b/client-conf/README.md @@ -20,13 +20,8 @@ net.listen({'::1', '127.0.0.1'}, 53) -- Cache size cache.size = 100 * MB --- To disable DNSSEC validation, uncomment the following line (not recommended) -trust_anchors.remove('.') - -- Forward queries to Blahdns -policy.add(policy.all(policy.TLS_FORWARD({{'159.69.198.101@443', hostname='dot-de.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}}))) -policy.add(policy.all(policy.TLS_FORWARD({{'45.32.55.94@853', hostname='dot-jp.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}}))) -policy.add(policy.all(policy.TLS_FORWARD({{'2001:19f0:7001:3259:5400:02ff:fe71:0bc9@853', hostname='dot-jp.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}}))) +policy.add(policy.all(policy.TLS_FORWARD({{'139.162.112.47@853', hostname='dot-jp.blahdns.com', ca_file='/etc/ssl/certs/ca-certificates.crt'}}))) ``` @@ -48,10 +43,14 @@ forward-zone: forward-tls-upstream: yes forward-addr: 95.216.212.177@443#dot-fi.blahdns.com forward-addr: 2a01:4f9:c010:43ce::1@853#dot-fi.blahdns.com - forward-addr: 45.32.55.94@853#dot-jp.blahdns.com + forward-addr: 139.162.112.47@853#dot-jp.blahdns.com forward-addr: 2001:19f0:7001:3259:5400:02ff:fe71:0bc9@443#dot-jp.blahdns.com - forward-addr: 159.69.198.101@853#dot-de.blahdns.com - forward-addr: 2a01:4f8:1c1c:6b4b::1@443#dot-de.blahdns.com + forward-addr: 78.46.244.143@853#dot-de.blahdns.com + forward-addr: 2a01:4f8:c17:ec67::1@853#dot-de.blahdns.com + forward-addr: 45.91.92.121@853#dot-ch.blahdns.com + forward-addr: 2a0e:dc0:6:23::2@853#dot-ch.blahdns.com + forward-addr: 192.53.175.149@853#dot-sg.blahdns.com + forward-addr: 2400:8901::f03c:92ff:fe27:870a@853#dot-sg.blahdns.com ``` @@ -73,7 +72,7 @@ kdig google.com @dot-jp.blahdns.com +tls ## getdns ```bash sudo apt install getdns-utils -getdns_query @45.32.55.94 -s -L -A www.google.com +getdns_query @139.162.112.47 -s -L -A www.google.com ``` ## Curl @@ -92,7 +91,7 @@ doh-client --domain doh-jp.blahdns.com --qname google.com --qtype A ```bash nano /etc/systemd/resolved.conf -DNS=45.32.55.94 159.69.198.101 +DNS=4139.162.112.47 DNSOverTLS=opportunistic // Save and restart service