adding unbound-dot.conf

etc/unbound/unbound-dot.conf

@@ -0,0 +1,34 @@
+# https://www.jwillikers.com/dns-over-tls-with-unbound
+
+# unbound.conf:
+#  include: "/etc/unbound/unbound-dot.conf"
+
+server:
+    tls-cert-bundle: "/etc/ssl/cert.pem"
+
+forward-zone:
+    name: "."
+    forward-tls-upstream: yes        # use DNS-over-TLS forwarder
+    forward-first: no                # do NOT send direct
+
+  # the hostname after "#" is not a comment, it is used for TLS checks:
+
+  # Cloudflare
+#    forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
+#    forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
+    forward-addr: 1.1.1.1@853#cloudflare-dns.com
+    forward-addr: 1.0.0.1@853#cloudflare-dns.com
+
+  # Mullvad Unfiltered
+#    forward-addr: 2a07:e340::2@853#dns.mullvad.net
+    forward-addr: 194.242.2.2@853#dns.mullvad.net
+  # Mullvad Adblock
+#    forward-addr: 2a07:e340::3@853#adblock.dns.mullvad.net
+#    forward-addr: 194.242.2.3@853#adblock.dns.mullvad.net
+
+  # Quad9
+#    forward-addr: 2620:fe::fe@853#dns.quad9.net
+#    forward-addr: 2620:fe::9@853#dns.quad9.net
+    forward-addr: 9.9.9.9@853#dns.quad9.net
+    forward-addr: 149.112.112.112@853#dns.quad9.net
+