Actions
Todo #15797
closedFeedback on pfSense® software Configuration Recipes — Configuring DNS over TLS
Status:
Closed
Priority:
Very Low
Assignee:
-
Category:
References
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Description
Page: https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
Feedback:
I believe the DNS Hostname entry has changed since the time of writing. It seems they are using one.one.one.one for the IPv4 and IPv6 associated.
I do not believe it breaks functionality but wanted to bring this up.
Cloudflare reference: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-tls/#_top
Updated by Jim Pingle 3 days ago
- Status changed from New to Closed
The SAN list on their certificate will match any of the following hostnames:
DNS:cloudflare-dns.com, DNS:*.cloudflare-dns.com, DNS:one.one.one.one, IP Address:1.0.0.1, IP Address:1.1.1.1, IP Address:162.159.36.1, IP Address:162.159.46.1, IP Address:2606:4700:4700:0:0:0:0:1001, IP Address:2606:4700:4700:0:0:0:0:1111, IP Address:2606:4700:4700:0:0:0:0:64, IP Address:2606:4700:4700:0:0:0:0:6400
Until they break that, it seems better to use the generic name since it seems more logical a choice as it works for any of the other non-"1.1.1.1" IP addresses.
You can use whichever one you like, though. They all work.
Actions