1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
####################################################
# #
# Encrypted DNS Server configuration #
# #
####################################################
##################################
# Global settings #
##################################
## IP addresses and ports to listen to
= ["0.0.0.0:443", "[::1]:4443"]
## IP address to connect to upstream servers from
= "0.0.0.0"
## File name to save the state to
= "encrypted-dns.state"
## Upstream DNS server and port
= "9.9.9.9:53"
## UDP timeout in seconds
= 10
## TCP timeout in seconds
= 10
## Maximum active UDP sockets
= 1000
## Maximum active TCP connections
= 100
## User name to drop privileges to, when started as root.
# user = "nobody"
## Group name to drop privileges to, when started as root.
# group = "nobody"
## Path to chroot() to, when started as root.
## The path to the state file is relative to the chroot base.
# chroot = "/var/empty"
####################################
# DNSCrypt settings #
####################################
[]
## Provider name (with or without the `2.dnscrypt-cert.` prefix)
= "secure.dns.test"
## Key cache capacity, per certificate
= 10000
###############################
# TLS settings #
###############################
[]
## Where to prooxy TLS connections to (e.g. DoH server)
# upstream_addr = "127.0.0.1:4343"