Project

General

Profile

Actions

Todo #15797

closed

Feedback on pfSense® software Configuration Recipes — Configuring DNS over TLS

Added by Ben Miller 5 days ago. Updated 3 days ago.

Status:
Closed
Priority:
Very Low
Assignee:
-
Category:
References
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html

Feedback:

I believe the DNS Hostname entry has changed since the time of writing. It seems they are using one.one.one.one for the IPv4 and IPv6 associated.

I do not believe it breaks functionality but wanted to bring this up.

Cloudflare reference: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-tls/#_top

Actions #1

Updated by Jim Pingle 3 days ago

  • Status changed from New to Closed

The SAN list on their certificate will match any of the following hostnames:

DNS:cloudflare-dns.com, DNS:*.cloudflare-dns.com, DNS:one.one.one.one, IP Address:1.0.0.1, IP Address:1.1.1.1, IP Address:162.159.36.1, IP Address:162.159.46.1, IP Address:2606:4700:4700:0:0:0:0:1001, IP Address:2606:4700:4700:0:0:0:0:1111, IP Address:2606:4700:4700:0:0:0:0:64, IP Address:2606:4700:4700:0:0:0:0:6400

Until they break that, it seems better to use the generic name since it seems more logical a choice as it works for any of the other non-"1.1.1.1" IP addresses.

You can use whichever one you like, though. They all work.

Actions

Also available in: Atom PDF