Should I be using DNS over HTTPS or DNSSec ?
Should I be routed all DNS queries through Cloudflare as Mozilla suggests?
Or a non profit or a community solution?
Should I self host DNS or is it even worth the trouble?
How do these square with VPN best practices of using the VPN’s DNS to avoid DNS leaking.
Having read up on it; im experimenting with setting Firefox to use DNS over HTTPS with Quad9 as my provider and having my home network default to Quad9 for vanilla DNS resolution.
Summary of Quad9 from Wiki:
Quad9 is a nonprofit public-benefit organization supported by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA), and many other cybersecurity organizations for the purpose of operating a privacy-and-security-centric public DNS resolver.[1][2] Its main differentiation from other open DNS resolvers is that it automatically blocks domains known to be associated with malicious activity,[3][4] does not log the IP addresses of queries users send to it,[5] and have no commercial intention to profit from or distribute data obtained from end-users or partners.[5]
ISP’s default DNS has been suspect for a good long while. I periodically have tried OpenNIC in the past as a community alternative but it breaks to frequently. Haven’t really used OpenNIC in a few years. Mainly because breaking home DNS resolution means breaking it for more than me in the past few years.
If I remain happy with this, I can likely marked it resolved.
1 Like
domain names are a racket. i long for dns insurrection and the downfall of the root server hegemony
1 Like
by which i mean, sick, this looks cool, i didnt know about quad9
1 Like