Unverschlüsselter CoreDNS-Server first config
This commit is contained in:
parent
96fdfb1112
commit
de33269452
1 changed files with 64 additions and 35 deletions
109
CoreDNS/Corefile
109
CoreDNS/Corefile
|
@ -1,53 +1,82 @@
|
||||||
tls
|
|
||||||
sign
|
|
||||||
file/root
|
|
||||||
loadbalance
|
|
||||||
forward
|
|
||||||
bind
|
|
||||||
loop
|
|
||||||
|
|
||||||
dns://.:53 {
|
dns://.:53 {
|
||||||
bind eth0
|
forward . 5.1.66.255:53 [2001:678:e68:f000::]:53 185.150.99.255 [2001:678:ed0:f000::]:53 91.239.100.100 [2001:67c:28a4::]:53 89.233.43.71 [2a01:3a0:53:53::]:53 {
|
||||||
loadbalance round_robin
|
prefer_udp
|
||||||
forward . 127.0.0.1:5051 127.0.0.1:5052
|
policy round_robin
|
||||||
|
}
|
||||||
|
cache {
|
||||||
|
success 5000
|
||||||
|
denial 2500
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
dns://.:5353 {
|
||||||
|
forward . 127.0.0.1:5051 127.0.0.1:5052 127.0.0.1:5053 127.0.0.1:5054 127.0.0.1:5055 127.0.0.1:5056 127.0.0.1:5057 {
|
||||||
|
policy round_robin
|
||||||
|
}
|
||||||
|
cache {
|
||||||
|
success 5000
|
||||||
|
denial 2500
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
tls://.:853 {}
|
||||||
|
|
||||||
|
https://.:443 {}
|
||||||
|
|
||||||
|
##########
|
||||||
|
|
||||||
127.0.0.1:5051 {
|
127.0.0.1:5051 {
|
||||||
forward . tls://8.8.8.8 tls://8.8.4.4 {
|
forward . tls://[2a01:4f8:251:554::2] tls://5.9.164.112 {
|
||||||
tls_servername dns.google
|
tls_servername dns3.digitalcourage.de
|
||||||
|
prefer_udp
|
||||||
|
policy round_robin
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
127.0.0.1:5052 {
|
127.0.0.1:5052 {
|
||||||
forward . 1.1.1.1 1.0.0.1 {
|
forward . tls://5.1.66.255 tls://185.150.99.255 tls://[2001:678:ed0:f000::] tls://[2001:678:e68:f000::] {
|
||||||
tls_servername cloudflare-dns.com
|
tls_servername dot.ffmuc.net
|
||||||
|
prefer_udp
|
||||||
|
policy round_robin
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
127.0.0.1:5053 {
|
||||||
|
forward . tls://185.95.218.43 tls://185.95.218.42 tls://[2a05:fc84::43] tls://[2a05:fc84::42] {
|
||||||
tls://.:853 {
|
tls_servername dns.digitale-gesellschaft.ch
|
||||||
tls cert.pem key.pem ca.pem
|
prefer_udp
|
||||||
}
|
policy round_robin
|
||||||
|
}
|
||||||
https://.:443 {
|
}
|
||||||
tls cert.pem key.pem ca.pem
|
|
||||||
}
|
127.0.0.1:5054 {
|
||||||
|
forward . tls://89.233.43.71 tls://[2a01:3a0:53:53::] {
|
||||||
. {
|
tls_servername unicast.censurfridns.dk
|
||||||
bind eth0
|
prefer_udp
|
||||||
loop
|
policy round_robin
|
||||||
loadbalance round_robin
|
}
|
||||||
forward . 8.8.8.8 9.9.9.9
|
}
|
||||||
forward . tls://9.9.9.9 {
|
|
||||||
tls_servername dns.quad9.net
|
127.0.0.1:5055 {
|
||||||
health_check 5s
|
forward . tls://91.239.100.100 tls://[2001:67c:28a4::] {
|
||||||
|
tls_servername anycast.censurfridns.dk
|
||||||
|
prefer_udp
|
||||||
|
policy round_robin
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
127.0.0.1:5056 {
|
||||||
|
forward . tls://91.239.100.100 tls://[2001:67c:28a4::] {
|
||||||
|
tls_servername anycast.uncensoreddns.org
|
||||||
|
prefer_udp
|
||||||
|
policy round_robin
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
127.0.0.1:5057 {
|
||||||
|
forward . tls://89.233.43.71 tls://[2a01:3a0:53:53::] {
|
||||||
|
tls_servername unicast.uncensoreddns.org
|
||||||
|
prefer_udp
|
||||||
|
policy round_robin
|
||||||
}
|
}
|
||||||
cache 30
|
|
||||||
hosts {
|
|
||||||
10.0.0.1 example.org
|
|
||||||
falltrough
|
|
||||||
}
|
|
||||||
hosts
|
|
||||||
hosts /etc/hosts example.org
|
|
||||||
}
|
}
|
Loading…
Reference in a new issue