Follow

I would be interested to know what you guys' approach to DNS servers is. Do you just use whatever your ISP provides? Or do you set up your own DNS server? Do you use a privacy oriented third party? Or I have even heard of a DNS server that runs on the client machine itself (Unbound) that directly caches from the DNS root servers? Anyway would like to know the general opinion here...

Feel free to boost for visibility.

(Chaosradio on this topic in German... chaosradio.de/cr250-dns )

@gabor I use a mix of all that you say, except using the ISP's DNS servers.
I have a caching DNS server on site which forwards unknown requests to a public DNS server public-dns.info/

If I want a more granular DNS restriction (i.e. on a client's single task PC that only needs access to certain web resources), I use unbound to build my own DNS rules for that PC or group of PCs.

Sadly, I still use Google's DNS servers for testing purposes when things go wrong 😢

@pswilde @gabor got a pihole which goes through a dns/tls forwarder. unfortunately it uses goog bc of performance issues on quad9 and cloudflare . i may try DoH and see if i get better results, but they were slow enough to trash my network :/

@gabor I just go ahead and use LibreDNS for my chromium fork.

@gabor filtering unbound on my VPS (for wireguard tunnels while mobile) and at home. It's forwarding to a bunch of providers round-robin so nobody sees it all.

It's described in part of this: mark-brandis.gitlab.io/blog/po

@gabor I use Pinole with UncensoredDNS set as the upstream DNS

@gabor I just use whatever, but I also assume all networks are hostile networks. I do use Tor a fair bit for privacy, though, and then I make sure DNS is tunneled as well.

@gabor 9.9.9.9 on all my devices. I might get around to setting up DNS caching at some point though.

@gabor I use Mullvad VPN on both my computer and phone. Their app let's me use their DNS for enhanced ad-blocking and tracking.

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.