FORUMS
Remove All Ads from XDA

keweonDNS - now with improved Certificate (iOS, Mac & Android)

1,707 posts
Thanks Meter: 4,297
 
Post Reply Email Thread
3rd December 2019, 06:21 AM |#2891  
MoHuToP's Avatar
Senior Member
Flag Sofia
Thanks Meter: 98
 
More
From 01.12.19 connection thorough keweon is really lightning fast. Any recent changes?

Regards!
The Following User Says Thank You to MoHuToP For This Useful Post: [ View ] Gift MoHuToP Ad-Free
5th December 2019, 01:20 PM |#2892  
Senior Member
heaven
Thanks Meter: 64
 
More
keweonDNS for Windows

Download the QuickSetDNS from NIRSOFT and use it on Windows to change your DNS settings.
Currently it's only working with IPv4. Link to NirSoft is HERE

version 1.30 has support for ipv6 as well
The Following User Says Thank You to L1p1c1 For This Useful Post: [ View ] Gift L1p1c1 Ad-Free
5th December 2019, 04:43 PM |#2893  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,297
 
Donate to Me
More
Quote:
Originally Posted by L1p1c1

keweonDNS for Windows

Download the QuickSetDNS from NIRSOFT and use it on Windows to change your DNS settings.
Currently it's only working with IPv4. Link to NirSoft is HERE

version 1.30 has support for ipv6 as well

I will change the download Link next week and I will also add the IPv6 Server within the config.

Thanks a lot for monitoring
The Following User Says Thank You to MrT69 For This Useful Post: [ View ] Gift MrT69 Ad-Free
6th December 2019, 05:19 PM |#2894  
Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by MrT69

What's about the idea to use unbound???
I really have no idea about stubby because it's round about 4 or 5 yrs ago that I was using stubby.

How can I configure unbound on Linux desktop (not server) including IPv4/IPv6 ? Is it possible ... up to know I run stubby.
6th December 2019, 09:22 PM |#2895  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,297
 
Donate to Me
More
Quote:
Originally Posted by mucke5

How can I configure unbound on Linux desktop (not server) including IPv4/IPv6 ? Is it possible ... up to know I run stubby.

Take a look at this page:

https://calomel.org/unbound_dns.html

or copy & paste to use this config:

Code:
## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf -- https://calomel.org
## FreeBSD 12 unbound config
#
server:
  access-control: 10.0.0.0/8 allow
  access-control: 192.168.0.0/16 allow
 #access-control: fddd::/48 allow
  aggressive-nsec: yes
 #auto-trust-anchor-file: /usr/local/etc/unbound/root.key
  cache-max-ttl: 14400
  cache-min-ttl: 1200
  chroot: /usr/local/etc/unbound
  directory: /usr/local/etc/unbound
  do-ip4: yes
  do-ip6: yes
  do-tcp: yes
  hide-identity: yes
  hide-version: yes
  interface: 127.255.10.10
  interface: ::2
  pidfile: /var/run/local_unbound.pid
  port: 53
  prefetch: yes
  rrset-roundrobin: yes
  tls-cert-bundle: "/usr/local/share/certs/ca-root-nss.crt"
  use-caps-for-id: yes
  username: unbound

  # Unbound from pkg built with libevent; increase threads and slabs to the
  # number of real cpu cores to reduce lock contention. Increase cache size to
  # store more records and allow each thread to serve an increased number of
  # concurrent client requests.
# num-threads: 4
# msg-cache-slabs: 4
# rrset-cache-slabs: 4
# infra-cache-slabs: 4
# key-cache-slabs: 4
# msg-cache-size: 256M
# rrset-cache-size: 512M
# outgoing-range: 8192
# num-queries-per-thread: 4096

 # forward-addr format must be ip "@" port number "#" followed by the valid public hostname
 # in order for unbound to use the tls-cert-bundle to validate the dns server certificate.
 forward-zone:
   name: "."
   forward-tls-upstream: yes
   forward-addr: [email protected]#one.one.one.one
   forward-addr: [email protected]#one.one.one.one
   forward-addr: [email protected]#dns.google
   forward-addr: [email protected]#dns.google
   forward-addr: [email protected]#dns.quad9.net
   forward-addr: [email protected]#dns.quad9.net


If you have problems by using this config then let me know. But it's quite easy for local usage.

Install unbound, copy and pase this config. Restart unbound and it's working. Now point you network card to DNS at 127.255.10.10 (v4) or ::2 (v6) .

That's it. Your NIC is asking unbound and unbound is forwarding all requests encrypted. When this is done then you can change the IP Address to keweonDNS. Just change the "forwrd-addr" and that's it.
Yesterday, 11:45 AM |#2896  
Junior Member
Thanks Meter: 2
 
More
Quote:
Originally Posted by MrT69

Take a look at this page:

https://calomel.org/unbound_dns.html

If you have problems by using this config then let me know. But it's quite easy for local usage.

Install unbound, copy and pase this config. Restart unbound and it's working. Now point you network card to DNS at 127.255.10.10 (v4) or ::2 (v6) .

That's it. Your NIC is asking unbound and unbound is forwarding all requests encrypted. When this is done then you can change the IP Address to keweonDNS. Just change the "forwrd-addr" and that's it.

Could you offer a ready-to-use config like you do for QuickSetDNS, please? I would be surprised if you didn't optimize some settings...
The Following User Says Thank You to mucke5 For This Useful Post: [ View ] Gift mucke5 Ad-Free
Yesterday, 10:24 PM |#2897  
MrT69's Avatar
OP Senior Member
Flag Königsbrunn
Thanks Meter: 4,297
 
Donate to Me
More
Quote:
Originally Posted by mucke5

Could you offer a ready-to-use config like you do for QuickSetDNS, please? I would be surprised if you didn't optimize some settings...

Thanks a lot for this but I must pass. Unbound is almost a tiny DNS genius because it's supports DNS, DoT and even DnsCrypt.

I have a almost 5 yrs old config for Unbound and this is for FreeBSD. I guess this will not really help because it only supports DNS.

If you want to teach yourself then use Unbound. From my point of view it's the best DNS for tiny and middle size environments.
Post Reply Subscribe to Thread

Tags
adblocker, dns

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes