Secure DNS - how to enable


#1

Hello - here is secure DNS enabled at 192.168.1.1 - but on a test page like
securedns.eu there is telling that
secure DNS is NOT enabled ???

is there missing something in configuration to be done ?!
or is this a bug ?


#2

DNSSEC validation is enabled by default, if that’s what you mean. Some detectors are confused by knot-resolver not sending DO bit (“DNSSEC OK”) to zones that are insecure. This might be the case, but I haven’t looked really.


#3

securedns.eu is not a test page for DNSSEC, or any other DNS security related matter or bears any direct relation to any secure DNS stipulation in the router’s user interface, but is a public DNS resolver that utilizes various techniques.

If you want the router’s resolver to use it the queries from the router’s resolver need to be forwarded to 146.185.167.43 (ipv4) and/or 2a03:b0c0:0:1010::e9a:3001 (ipv6)