Hi All - I just wanted some advice to see if there is more I could do/consider to increase DNS privacy on my home internet setup.
Setup/situation is:
- WAN DNS set to ISP (no privacy) but not really used - see DHCP setup below
- I have an RPi as a dedicated DNS / AdGuard device running DietPi with AdGuard and Unbound
- all clients use DHCP with DNS1 set to my RPi with AdGuard and Unbound; DNS2 set to NextDNS
- 90% of DNS queries are sent via DNS1 (local AdGuard/Unbound) and the remaining through NextDNS
- using the DNS script by @eibgrad I see everything is red, with the sender src being the IP of my local AdGuard server
For DNS1 - can I improve this or is this as good as it gets using Unbound?
For DNS2 - if I change the NextDNS IP to the DNS-over-TLS/QUIC address in the DHCP settings - will this enable DNS privacy on the 5-10% of DNS queries that do not go through DNS1?
Thanks for any help on this.