I would be interested to know what you guys' approach to DNS servers is. Do you just use whatever your ISP provides? Or do you set up your own DNS server? Do you use a privacy-oriented third party? Or I have even heard of a DNS server that runs on the client machine itself (Unbound) that directly caches from the DNS root servers? Anyway, I would like to know the general opinion here...

Feel free to boost for visibility.

(Chaosradio on this topic in German... chaosradio.de/cr250-dns)


@gabor I use a mix of all that you say, except using the ISP's DNS servers.
I have a caching DNS server on site which forwards unknown requests to a public DNS server public-dns.info/

If I want a more granular DNS restriction (i.e. on a client's single-task PC that only needs access to certain web resources), I use Unbound to build my own DNS rules for that PC or group of PCs.

Sadly, I still use Google's DNS servers for testing purposes when things go wrong 😢

@pswilde @gabor Got a Pi-hole which goes through a DNS/TLS forwarder. Unfortunately it uses Google because of performance issues on Quad9 and Cloudflare. I may try DoH and see if I get better results, but they were slow enough to trash my network :/

