Private servers on the LAN are resolved by BIND, and an ADGuard Home server is used as forwarder for everything else. I've done almost exactly what you've described: using bind (though in my case I use both bind, and also free-ipa, which run a bind under the hood to provide DNS) to my home LAN. Please can someone say if this is possible or if I need to change my topology etc? Any pointers would be much appreciated. ![]() Instead I want DNS queries (if passed upstream by my Bind9 Server) to be passed over DNSSEC (or DNS over TLS) to my AdGuard VM for secure ad blocking and encypted public queries. My Current DNS query path is Netowrk 192.168.0.0/24 > 192.168.0.253 Bind9Server (This handles requests for A records and CNAMES etc for private IP ranges, if not found is passed upstream) > 8.8.8.8 (Public DNS for anything outside my LAN) I'm currently running an Ubuntu Server VM on a Proxmox Host, running Bind9 DNS for my internal LAN (home lab), I want to setup AdGuard on a seprate VM and use DNSSEC or DNS over TLS for everything upstread of my bind9 box. ![]() Also, try testing plain udp dns before trying dns over https to see if performance changes much. One of the slower dns servers from my experience. ![]() In the diagram I threw together the left hand side shows my current LAN's DNS query path, I would like to have it as shown on the right hand side with AdGuard and DNSSEC or DNS over TLS if possible I have a decent physical Proxmox host capable of having two separate VMs if needed, is this possible? If you are using the default AdGuard dns server then that’s probably the main issue.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |