Hi there,
I would like to host a Debian mail server, where additionally an OpenVPN server instance is listening on UDP Port 53. The server itself should use DoH if possible, else DoT. I can not get it to work however.
I tried using resolved, but to no avail. My ideal solution would be to just be a DoH/DoT client and not bother setting up my own DNS server, so I would not interfere with Port 53. Can someone point me in the right direction?
[Solved] Use DoT/DoH but keep UDP Port 53 free on Debian
Re: Use DoT/DoH but keep UDP Port 53 free on Debian
You could make the OpenVPN server listen on your WAN IP (which is what you need), and your DNS resolver could listen on localhost. This way both OpenVPN and DNS resolver can "share" UDP port 53.
Note however that if you want to host a mail server, it is (generally) recommended not to host a VPN server there, as some systems may (incorrectly) lower the reputation of the mail server because it also "offers" VPN.
For VPN (OpenVPN, WireGuard) I'd recommend the cheapest VPS you can find. It will be enough, and you can keep it separated from other systems.
Re: Use DoT/DoH but keep UDP Port 53 free on Debian
As far as I know, you cannot share a port in the way you recommended, unfortunately.
Re: Use DoT/DoH but keep UDP Port 53 free on Debian
Of course you can. I have three different programs bound to udp/53 on my server. One is OpenVPN (listening on WAN address), another is an unbound instance (listening on localhost, used as default resolver), and another unbound instance listening on a VPN address (used as resolver for VPN clients).
Any reason why you think you cannot share a port like I've written? (and like I actually do).
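Added example, not part of any post in this thread: a Linux socket demonstration of the per-address binding described above, showing that two UDP sockets can hold the same port on different local addresses, that a wildcard bind is what causes the conflict, and that datagrams reach only the socket bound to their destination address. It assumes Linux (where all of 127.0.0.0/8 is bindable), uses 127.0.0.2 as a stand-in for the WAN address, and uses a kernel-chosen unprivileged port in place of 53.

```python
import errno
import socket

# Assumptions: Linux; 127.0.0.2 stands in for the WAN address; the port is
# kernel-chosen and unprivileged, standing in for 53 (which needs root).

def try_bind(addr, port):
    """Bind UDP addr:port without SO_REUSEADDR/SO_REUSEPORT.
    Returns (socket, None) on success, (None, errno name) on failure."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.bind((addr, port))
        return s, None
    except OSError as e:
        s.close()
        return None, errno.errorcode.get(e.errno, str(e.errno))

def shared_port_demo():
    out = {}
    # "Resolver" on one loopback address; the kernel picks a free port.
    resolver, _ = try_bind("127.0.0.1", 0)
    port = resolver.getsockname()[1]
    # "VPN" on a different local address, same port: no conflict.
    vpn, out["second_address"] = try_bind("127.0.0.2", port)
    # A wildcard bind overlaps both addresses and is refused.
    _, out["wildcard_after"] = try_bind("0.0.0.0", port)
    # Datagrams reach only the socket bound to their destination address.
    resolver.settimeout(0.2)
    vpn.settimeout(0.2)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        client.sendto(b"query", ("127.0.0.2", port))
    out["vpn_got"] = vpn.recvfrom(64)[0]
    try:
        resolver.recvfrom(64)
        out["resolver_got"] = True
    except socket.timeout:
        out["resolver_got"] = False
    resolver.close()
    vpn.close()
    # Reverse order: a daemon that takes the wildcard first blocks the rest.
    wild, _ = try_bind("0.0.0.0", port)
    _, out["specific_after_wildcard"] = try_bind("127.0.0.1", port)
    wild.close()
    return out

if __name__ == "__main__":
    print(shared_port_demo())
```

On a real host the same rule means every daemon on the shared port needs an explicit listen address; one that is left on the wildcard address prevents the others from binding.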
Re: Use DoT/DoH but keep UDP Port 53 free on Debian
I want to apologize, your solution works of course. Thank you! I configured my system like you suggested. This can be closed now!
- fabien
Re: Use DoT/DoH but keep UDP Port 53 free on Debian
Thanks for updating your topic.
To do this, change the title of your first post, e.g.
[Solved] Use DoT/DoH but keep UDP Port 53 free on Debian
EDIT Mon Apr 29 13:40:47 CEST 2024: marked as [Solved]
Share your Debian SCRIPTS
There will be neither barrier nor walls, neither official nor guard, there will be no more desert and the entire world will become a garden. — Anacharsis Cloots