From 9ce41d7e3cd0200b694105273e5b1d060069a6d0 Mon Sep 17 00:00:00 2001
From: deepend-tildeclub <58404188+deepend-tildeclub@users.noreply.github.com>
Date: Wed, 17 Sep 2025 14:35:12 -0600
Subject: [PATCH] Configure DNS over TLS and HTTPS

Added configuration for DNS over TLS and DNS over HTTPS.
---
 named.conf.options | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/named.conf.options b/named.conf.options
index b1b4b31e..2ef2f8f3 100644
--- a/named.conf.options
+++ b/named.conf.options
@@ -10,6 +10,18 @@ options {
 // Uncomment the following block, and insert the addresses replacing
 // the all-0's placeholder.
+ // Classic DNS still on port 53:
+ listen-on { any; };
+ listen-on-v6 { any; };
+
+ // DoT (DNS over TLS) on 853
+ listen-on port 853 tls "dns-tls" { any; };
+ listen-on-v6 port 853 tls "dns-tls" { any; };
+
+ // DoH (DNS over HTTPS) on 443 with default endpoint /dns-query
+ listen-on port 443 tls "dns-tls" http default { any; };
+ listen-on-v6 port 443 tls "dns-tls" http default { any; };
+
 forwarders {
 // 172.98.193.42;
 // 198.206.14.241;
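Review bot: The four DoT/DoH listeners reference `tls "dns-tls"`, but no `tls` statement with that name is defined in this hunk, and the diffstat shows named.conf.options is the only file touched; unless the block already exists elsewhere in the configuration, named will refuse to load. If it is missing, a top-level statement such as `tls dns-tls { cert-file "<CERT_PATH>"; key-file "<KEY_PATH>"; };` is needed outside `options { }`, with the key file readable only by the account named runs as. All three transports now listen on `any`, and the visible context holds a `forwarders` block, so it is worth confirming that `allow-recursion` and `allow-query` (not shown here) limit who may use the resolver, because an unrestricted recursive listener on port 53 is a common amplification source. The `options` block opens and closes outside the hunk, so both points should be checked against the full file, for example with `named-checkconf`.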