Configuring Linux Ubuntu to use Lumiun DNS via DoT

This configuration makes Linux Ubuntu forward its DNS requests to Lumiun DNS over the secure DoT (DNS-over-TLS) protocol. The configuration is done with the Unbound software.

In this article, we will cover the configuration in Linux Ubuntu. If you use Linux Mint, see this other article.

Step-by-step

  1. Open a Terminal (locally or over SSH).

  2. Copy and paste the commands below. Replace abcd1234 with your site ID, and replace dns_server_1, dns_server_2, dns6_server_1, and dns6_server_2 with the respective DNS servers for your site. All of these are listed on the sites page.

    # Install Unbound and curl
    sudo apt update ; sudo apt -y install unbound curl

    # Download the CA bundle Unbound uses to verify the DoT servers' certificates
    sudo bash -c "curl -o /etc/unbound/cacert.pem https://curl.se/ca/cacert.pem"

    # Write the forwarding configuration (DoT to Lumiun DNS)
    sudo bash -c "cat << EOF > /etc/unbound/unbound.conf.d/lumiundns.conf
    server:
        interface: 127.0.0.5
        tls-cert-bundle: /etc/unbound/cacert.pem
    forward-zone:
        name: '.'
        forward-tls-upstream: yes
        forward-addr: dns_server_1#abcd1234.dot.ldns.io
        forward-addr: dns_server_2#abcd1234.dot.ldns.io
        forward-addr: dns6_server_1#abcd1234.dot.ldns.io
        forward-addr: dns6_server_2#abcd1234.dot.ldns.io
    EOF"

    sudo systemctl restart unbound

    # Disable systemd-resolved and point the system resolver at Unbound
    sudo systemctl stop systemd-resolved
    sudo systemctl disable systemd-resolved
    sudo rm /etc/resolv.conf
    sudo bash -c "echo nameserver 127.0.0.5 > /etc/resolv.conf"

    # Test name resolution through Unbound
    nslookup www.google.com

  3. Execute the commands.

That's it! You can now view reports on your Lumiun DNS dashboard and also define policy rules.
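
A check for the file written in step 2, added here as an example and not part of Lumiun's instructions: it confirms the settings that make DoT both encrypted and authenticated (a CA bundle, forward-tls-upstream: yes, and a #name on every forward-addr; Unbound accepts any certificate name when the #name is left out) and flags placeholders that were never replaced. The function names, the 192.0.2.1 and 2001:db8::1 addresses and the example01 site ID are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Lumiun's code): audit an Unbound forward-zone file for the
# settings that make DoT encrypted AND authenticated. audit_dot_conf and all
# sample values below are constructed for illustration.

audit_dot_conf() {   # $1 = config file; prints findings, returns their count
    conf=$1; problems=0; count=0

    # No CA bundle: Unbound cannot verify the upstream certificate.
    grep -Eq '^[[:space:]]*tls-cert-bundle:[[:space:]]*[^[:space:]]' "$conf" ||
        { echo "missing tls-cert-bundle"; problems=$((problems + 1)); }

    # Not "yes": queries to the forwarders leave in cleartext.
    grep -Eq '^[[:space:]]*forward-tls-upstream:[[:space:]]*yes' "$conf" ||
        { echo "forward-tls-upstream is not yes"; problems=$((problems + 1)); }

    for addr in $(awk '$1 == "forward-addr:" { print $2 }' "$conf"); do
        count=$((count + 1))
        case $addr in
            *'#'?*) ;;   # has a TLS auth name after '#'
            *) echo "no TLS auth name: $addr"; problems=$((problems + 1)) ;;
        esac
        case $addr in    # placeholders from the article left unsubstituted
            dns_server_*|dns6_server_*|*'#abcd1234.'*)
                echo "placeholder not replaced: $addr"; problems=$((problems + 1)) ;;
        esac
    done
    [ "$count" -gt 0 ] || { echo "no forward-addr lines"; problems=$((problems + 1)); }
    return "$problems"
}

# Constructed sample: documentation-range IPs and a made-up site ID.
good_conf() {
    printf '%s\n' 'server:' '    interface: 127.0.0.5' \
        '    tls-cert-bundle: /etc/unbound/cacert.pem' 'forward-zone:' \
        "    name: '.'" '    forward-tls-upstream: yes' \
        '    forward-addr: 192.0.2.1#example01.dot.ldns.io' \
        '    forward-addr: 2001:db8::1#example01.dot.ldns.io'
}
# Same file with the auth name dropped from one forwarder and TLS turned off.
weak_conf() {
    good_conf | sed -e 's/^\( *forward-addr: 192\.0\.2\.1\)#.*/\1/' \
                    -e 's/forward-tls-upstream: yes/forward-tls-upstream: no/'
}

tmp=$(mktemp); good_conf > "$tmp"; audit_dot_conf "$tmp" && echo "good: ok"
weak_conf > "$tmp"; audit_dot_conf "$tmp" || echo "weak: $? finding(s)"
rm -f "$tmp"
```

On a configured machine, run audit_dot_conf /etc/unbound/unbound.conf.d/lumiundns.conf; a non-zero exit status is the number of findings.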