• Achsonaja
    7 months ago

    Why not run Unbound for a recursive resolver? Seems like a more private DNS solution.

    • amigan@lemmy.dynatron.me
      7 months ago

      I have straight BIND running on my network already for local zones; it would be easy enough to switch it to be a root resolver. The only problem is it’s a lot slower. I use DoT to Cloudflare for non-local zones (using blocky); if you run a root resolver, your DNS traffic is all in the clear. Not like it truly matters, but I wouldn’t put it past my ISP to do DPI on DNS traffic to try to sell my data.