Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- -- dnsdist configuration file, an example can be found in /usr/share/doc/dnsdist/examples/
- -- disable security status polling via DNS
- setSecurityPollSuffix("")
- setLocal("127.0.0.1:5353")
- -- allow query from all IP addresses
- addACL('0.0.0.0/0')
- -- add a DoH resolver listening on port 443 of all interfaces
- addDOHLocal("127.0.0.1:443", "/etc/letsencrypt/live/nss1.example.com/fullchain.pem", "/etc/letsencrypt/live/nss1.example.com/privkey.pem", { "/" }, { doTCP=true, reusePort=true, tcpFastOpenSize=0 })
- -- add a DoH resolver listening on port 443 of all interfaces
- addDOHLocal("127.0.0.1:443", "/etc/letsencrypt/live/doh.example.com/fullchain.pem", "/etc/letsencrypt/live/doh.example.com/privkey.pem", { "/" }, { doTCP=true, reusePort=true, tcpFastOpenSize=0 })
- -- add a DoH resolver listening on port 443 of all interfaces
- addDOHLocal("127.0.0.1:443", "/etc/letsencrypt/live/dot.example.com/fullchain.pem", "/etc/letsencrypt/live/dot.example.com/privkey.pem", { "/" }, { doTCP=true, reusePort=true, tcpFastOpenSize=0 })
- -- downstream resolver
- newServer({address="127.0.0.1:53",qps=5, name="resolver1"})
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement