50f9f1a2b8be797b59f7
New Member
Can someone please let know if I can use the new Adguard DNS service with Stubby? I'm trying to reverse engineer the NextDNS configuration for Stubby to work with AdGuard. What I've done is taken the Plain DNS server addresses and added the device identifier and domain from the Encrypted DNS server addresses.
The question is:
Will the "plain DNS server addresses" accept a DNS-over-TLS request?
If not, what IP addresses should be used for DNS-over-TLS?
What are the IPv6 Address for DNS-over-TLS?
The configuration I think would work assuming the plain DNS addresses can take TLS would look like this.
upstream_recursive_servers:
- address_data: 94.140.14.49
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: IPv6 ????
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: 94.140.14.59
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: IPv6 ????
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
I'm hoping someone who's gone down this path can help. The goal is to have Stubby run on a non-standard port so Pihole sees AdGuard DNS as an upstream DNS with the benefit of encrypted DNS.
The question is:
Will the "plain DNS server addresses" accept a DNS-over-TLS request?
If not, what IP addresses should be used for DNS-over-TLS?
What are the IPv6 Address for DNS-over-TLS?
The configuration I think would work assuming the plain DNS addresses can take TLS would look like this.
upstream_recursive_servers:
- address_data: 94.140.14.49
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: IPv6 ????
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: 94.140.14.59
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
- address_data: IPv6 ????
tls_auth_name: "xxxxxxxxx.d.adguard-dns.com"
I'm hoping someone who's gone down this path can help. The goal is to have Stubby run on a non-standard port so Pihole sees AdGuard DNS as an upstream DNS with the benefit of encrypted DNS.