| 5 | 5 |
edns_client_subnet_private : 1
|
| 6 | 6 |
round_robin_upstreams: 1
|
| 7 | 7 |
idle_timeout: 10000
|
|
8 |
tls_backoff_time: 500
|
| 8 | 9 |
listen_addresses:
|
| 9 | 10 |
- 127.0.0.1@5533
|
| 10 | 11 |
- 0::1@5533
|
| 11 | 12 |
upstream_recursive_servers:
|
|
13 |
## Google
|
| 12 | 14 |
- address_data: 8.8.8.8
|
| 13 | 15 |
tls_auth_name: "dns.google"
|
| 14 | 16 |
- address_data: 8.8.4.4
|
|
| 17 | 19 |
tls_auth_name: "dns.google"
|
| 18 | 20 |
- address_data: 2001:4860:4860::8844
|
| 19 | 21 |
tls_auth_name: "dns.google"
|
|
22 |
####### Servers that listen on port 443 (IPv4 and IPv6) #######
|
|
23 |
## Surfnet/Sinodun servers
|
|
24 |
- address_data: 145.100.185.15
|
|
25 |
tls_port: 443
|
|
26 |
tls_auth_name: "dnsovertls.sinodun.com"
|
|
27 |
tls_pubkey_pinset:
|
|
28 |
- digest: "sha256"
|
|
29 |
value: 62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4=
|
|
30 |
- address_data: 145.100.185.16
|
|
31 |
tls_port: 443
|
|
32 |
tls_auth_name: "dnsovertls1.sinodun.com"
|
|
33 |
tls_pubkey_pinset:
|
|
34 |
- digest: "sha256"
|
|
35 |
value: cE2ecALeE5B+urJhDrJlVFmf38cJLAvqekONvjvpqUA=
|
|
36 |
## dns.cmrg.net server using Knot resolver
|
|
37 |
- address_data: 199.58.81.218
|
|
38 |
tls_port: 443
|
|
39 |
tls_auth_name: "dns.cmrg.net"
|
|
40 |
tls_pubkey_pinset:
|
|
41 |
- digest: "sha256"
|
|
42 |
value: 3IOHSS48KOc/zlkKGtI46a9TY9PPKDVGhE3W2ZS4JZo=
|
|
43 |
- digest: "sha256"
|
|
44 |
value: 5zFN3smRPuHIlM/8L+hANt99LW26T97RFHqHv90awjo=
|
|
45 |
## dns.neutopia.org
|
|
46 |
- address_data: 89.234.186.112
|
|
47 |
tls_port: 443
|
|
48 |
tls_auth_name: "dns.neutopia.org"
|
|
49 |
tls_pubkey_pinset:
|
|
50 |
- digest: "sha256"
|
|
51 |
value: wTeXHM8aczvhRSi0cv2qOXkXInoDU+2C+M8MpRyT3OI=
|
|
52 |
## The Surfnet/Sinodun servers
|
|
53 |
- address_data: 2001:610:1:40ba:145:100:185:15
|
|
54 |
tls_port: 443
|
|
55 |
tls_auth_name: "dnsovertls.sinodun.com"
|
|
56 |
tls_pubkey_pinset:
|
|
57 |
- digest: "sha256"
|
|
58 |
value: 62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4=
|
|
59 |
- address_data: 2001:610:1:40ba:145:100:185:16
|
|
60 |
tls_port: 443
|
|
61 |
tls_auth_name: "dnsovertls1.sinodun.com"
|
|
62 |
tls_pubkey_pinset:
|
|
63 |
- digest: "sha256"
|
|
64 |
value: cE2ecALeE5B+urJhDrJlVFmf38cJLAvqekONvjvpqUA=
|
|
65 |
## dns.cmrg.net server using Knot resolver
|
|
66 |
- address_data: 2001:470:1c:76d::53
|
|
67 |
tls_port: 443
|
|
68 |
tls_auth_name: "dns.cmrg.net"
|
|
69 |
tls_pubkey_pinset:
|
|
70 |
- digest: "sha256"
|
|
71 |
value: 3IOHSS48KOc/zlkKGtI46a9TY9PPKDVGhE3W2ZS4JZo=
|
|
72 |
- digest: "sha256"
|
|
73 |
value: 5zFN3smRPuHIlM/8L+hANt99LW26T97RFHqHv90awjo=
|
|
74 |
## dns.neutopia.org
|
|
75 |
- address_data: 2a00:5884:8209::2
|
|
76 |
tls_port: 443
|
|
77 |
tls_auth_name: "dns.neutopia.org"
|
|
78 |
tls_pubkey_pinset:
|
|
79 |
- digest: "sha256"
|
|
80 |
value: wTeXHM8aczvhRSi0cv2qOXkXInoDU+2C+M8MpRyT3OI=
|
|
81 |
## Foundation for Applied Privacy
|
|
82 |
- address_data: 93.177.65.183
|
|
83 |
tls_port: 443
|
|
84 |
tls_auth_name: "dot1.applied-privacy.net"
|
|
85 |
- address_data: 2a03:4000:38:53c::2
|
|
86 |
tls_port: 443
|
|
87 |
tls_auth_name: "dot1.applied-privacy.net"
|