Choosing a Public DNS Resolver (evilbit.de)
32 points by pawal 3 hours ago | 7 comments
Bender 23 minutes ago

I use Unbound locally as a DoH server. The Alpine Linux Unbound package is compiled with libnghttp2, required for the built-in DoH listener. That's more than enough to enable ECH [1].

I pre-cache all the domains I use hourly via cron. My ISP is not going to dork with my DNS requests and their employees are bigger deviants than I. If I ever started browsing the web from a phone I would just set up my own public DoH server. It only takes a few minutes and gives me my own query logs for debugging weird issues.

[1] - https://tls-ech.dev/

harshreality 7 minutes ago

Why pre-cache? For speed... what is it, 30-50ms at most? If the authoritative server's TTL is <60 minutes, do you force it to 3600? Do you audit all the connections that occur for every website you visit, collect all the domains hosting assets, and pre-cache those as well, or is the main site's domain the only critical one because that affects perceived latency the most?

kingo55 4 minutes ago

> I pre-cache all the domains I use hourly via cron.

How does this look? Shell script querying a list of hostnames? What qualifies as a domain you use?

kingo55 7 minutes ago

It would be nice if a site like this could offer a basic speed comparison test to your local network.

Imagine seeing response times at P90 for a series of random lookups and comparing the median response times.

_def 31 minutes ago

Quad9 seems fine. Glad there are a bunch of alternatives though. We should never stop practicing decentralization in the net.

degenerate 15 minutes ago

9.9.9.9 with 1.1.1.1 as secondary

denkmoon 38 minutes ago

9.9.9.9 is all you need