From 973349592ed4e5f9f5b0ed58715b8a1941a39fa4 Mon Sep 17 00:00:00 2001 From: Miek Gieben Date: Tue, 20 Nov 2018 21:16:54 +0100 Subject: [PATCH] plugin/forward: make tls config more clear (#2326) Automatically submitted. --- plugin/forward/README.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/plugin/forward/README.md b/plugin/forward/README.md index c0a426aab..fe32116b6 100644 --- a/plugin/forward/README.md +++ b/plugin/forward/README.md @@ -79,7 +79,9 @@ forward FROM TO... { The server certificate is verified using the specified CA file * `tls_servername` **NAME** allows you to set a server name in the TLS configuration; for instance 9.9.9.9 - needs this to be set to `dns.quad9.net`. + needs this to be set to `dns.quad9.net`. Multiple upstreams are still allowed in this scenario, + but they have to use the same `tls_servername`. E.g. mixing 9.9.9.9 (QuadDNS) with 1.1.1.1 + (Cloudflare) will not work. * `policy` specifies the policy to use for selecting upstream servers. The default is `random`. * `health_check`, use a different **DURATION** for health checking, the default duration is 0.5s. @@ -160,6 +162,18 @@ service with health checks. } ~~~ +Or with multiple upstreams from the same provider + +~~~ corefile +. { + forward . tls://1.1.1.1 tls://1.0.0.1 { + tls_servername loudflare-dns.com + health_check 5s + } + cache 30 +} +~~~ + ## Bugs The TLS config is global for the whole forwarding proxy if you need a different `tls_servername` for
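Review bot: in the first hunk (@@ -79,7 +79,9 @@), the added sentence calls 9.9.9.9 "QuadDNS", while the unchanged text just before it names the same service through `dns.quad9.net`. Use "Quad9" so the provider name matches the server name readers are told to configure. It would also help to say why mixing providers fails: the Bugs paragraph at the end of the patch context already states that the TLS config is global for the whole forwarding proxy, so a short pointer to that section here would let readers see that a single `tls_servername` is applied to every upstream in the block.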
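Review bot: in the second hunk (@@ -160,6 +162,18 @@), the example line `tls_servername loudflare-dns.com` is missing its leading "c". The upstreams are `tls://1.1.1.1` and `tls://1.0.0.1`, and the first hunk identifies 1.1.1.1 as Cloudflare, so this should read `tls_servername cloudflare-dns.com`. Because the value is the name used in the TLS configuration for the upstream, anyone copying the example as written gets a server name that does not belong to the provider they are forwarding to. The intro sentence "Or with multiple upstreams from the same provider" also has no closing punctuation before the code block; end it with a colon.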