Raspberry Pi Docker Container to send all LAN DNS requests to Cloudflare’s 1.1.1.1 DNS over TLS

I wanted to implement this on a Raspberry Pi that I have running Docker.  However, I wasn’t able to find an image in Docker Hub for the ARM architecture that the Raspberry Pi uses so I made my own based on the x86-64 image, here.

  • Place the Dockerfile and unbound.conf in the same directory.
  • Docker file:
FROM arm32v6/alpine:3.7
EXPOSE 53/udp
RUN apk add --update --no-cache -q --progress unbound && \
    rm -rf /etc/unbound/unbound.conf /var/cache/apk/*
COPY unbound.conf /etc/unbound/unbound.conf
ENTRYPOINT unbound -d
  • unbound.conf:
server:
  verbosity: 0
  use-syslog: no
  qname-minimisation: yes
  do-tcp: yes
  prefetch: yes
  rrset-roundrobin: yes
  use-caps-for-id: yes
  do-ip4: yes
  do-ip6: no
  interface: 0.0.0.0
  access-control: 0.0.0.0/0 allow
forward-zone:
  name: "."
  forward-addr: [email protected]
  forward-addr: [email protected]
  forward-ssl-upstream: yes

 

  • Build the Docker image:
docker build -t itinnovations/cloudflaretlsdns:latest .

 

  • Start a container as a daemon from the above image:
docker run -d \
  --name=CloudflareTLSDNS \
  --restart=unless-stopped \
  -p 53:53/udp \
  itinnovations/cloudflaretlsdns

 

  • Configure all clients to point to the IP address of the Docker Host for DNS.

One thought on “Raspberry Pi Docker Container to send all LAN DNS requests to Cloudflare’s 1.1.1.1 DNS over TLS”

Leave a Reply

Your email address will not be published. Required fields are marked *