DNS over TLS in FreeBSD 12

submited 28 October 2018

With the arrival of OpenSSL 1.1.1, an upgraded Unbound, and some changes to the setup and init scripts, FreeBSD 12.0, currently in beta, now supports DNS over TLS out of the box.

DNS over TLS is just what it sounds like: DNS over TCP, but wrapped in a TLS session. It encrypts your requests and the server’s replies, and optionally allows you to verify the identity of the server. The advantages are protection against eavesdropping and manipulation of your DNS traffic; the drawbacks are a slight performance degradation and potential firewall traversal issues, as it runs over a non-standard port (TCP port 853) which may be blocked on some networks. Let’s take a look at how to set it up.

The BSD community linklog
Made a script? Written a blog post? Found a useful tutorial? Share it with the BSD community here or just enjoy what everyone else has found!


20 November 2019
Signal safety in DragonFly  

Some of the larger application sets on DragonFly have had trouble building, and inconsistent problems with that build. i.e. rust would fail, but in different parts of the build process, every time. It looks to be a problem with signal interaction, and there’s now much safer ways to do that on DragonFly.

[email protected] adventures at p2k19  

Next up in the series of p2k19 reports is Ken Westerback ([email protected]).

19 November 2019
DragonFlyBSD Pulls In AMD Radeon Graphics Driver Code From Linux 4.9  

DragonFlyBSD developer François Tigeot has continued doing a good job in continually updating their kernel's graphics driver code with a port of the AMD Radeon graphics source code from the Linux kernel along with related components like TTM memory management.

NomadBSD 1.3 RC1  

The project has published a new development snapshot based on FreeBSD 12.1.

Emergency Space Mode - BSD Now 324  

Migrating drives and zpool between hosts, OpenBSD in 2019, Dragonfly’s new zlib and dhcpcd, Batch renaming images and resolution with awk, a rant on the X11 ICCCM selection system, hammer 2 emergency space mode, and more.

p2k19 Hackathon Report: PostgreSQL and Ruby  

Our next p2k19 report comes from Jeremy Evans ([email protected]).

18 November 2019
p2k19 Hackathon Report: Landry Beuil on unveil(2)-ing Mozilla, sqlite3 testing  

Fresh from the just concluded p2k19 hackathon comes this report from Landry breuil ([email protected]).

load more