DNS

Depends on who is going to be using it.
1.1.1.1 & 1.0.0.1 but almost always cached by the firewall.
1.1.1.3 & 1.0.0.3 as upstream for PiHole with a load of Hagezei adlists if the network had a chance of anyone I don't trust or know.
 
Just to check, when you say you're changing it on the router, do you mean you're changing your DHCP settings or are you altering the router's own DNS?
 
squerble said:
Just to check, when you say you're changing it on the router, do you mean you're changing your DHCP settings or are you altering the router's own DNS?
Click to expand...

Depends.
If you change the router DNS, you can point all clients at your router for their DNS as the router will upstream to whatever you've set. If you set DHCP settings then you can point differing networks at different servers but increase your WAN traffic by a negligible amount.
 
The numbers don't lie, Quad9 DoH is fastest for me, and my router is faster than a pi-hole with the same settings, however, Mikrotik don't support http/2 or later as yet so I'm stuck with Cloudflare DoH.

Code: 
Cloudflare

Statistics:

  Queries sent:         494
  Queries completed:    494 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 494 (100.00%)
  Average packet size:  request 28, response 108
  Run time (s):         5.017657
  Queries per second:   98.452325

  Average Latency (s):  0.025857 (min 0.016828, max 0.095003)
  Latency StdDev (s):   0.013673

Connection Statistics:

  Connection attempts:  20 (20 successful, 100.00%)

  Average Latency (s):  0.157950 (min 0.064650, max 0.272031)
  Latency StdDev (s):   0.060237

DNS-over-HTTPS statistics:

  HTTP/2 return codes:  200: 494
 
  Quad9
 
  Statistics:

  Queries sent:         494
  Queries completed:    494 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 494 (100.00%)
  Average packet size:  request 28, response 108
  Run time (s):         5.015598
  Queries per second:   98.492742

  Average Latency (s):  0.026009 (min 0.016370, max 0.123115)
  Latency StdDev (s):   0.013792

Connection Statistics:

  Connection attempts:  20 (20 successful, 100.00%)

  Average Latency (s):  0.156636 (min 0.062927, max 0.251055)
  Latency StdDev (s):   0.058635

DNS-over-HTTPS statistics:

  HTTP/2 return codes:  200: 494
 
  Router Cache
 
  Statistics:

  Queries sent:         500
  Queries completed:    500 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 500 (100.00%)
  Average packet size:  request 34, response 60
  Run time (s):         5.000294
  Queries per second:   99.994120

  Average Latency (s):  0.002693 (min 0.002014, max 0.042562)
  Latency StdDev (s):   0.002539

  pihole Cache
 
  Statistics:

  Queries sent:         500
  Queries completed:    500 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 500 (100.00%)
  Average packet size:  request 34, response 60
  Run time (s):         5.000256
  Queries per second:   99.994880

  Average Latency (s):  0.003391 (min 0.002308, max 0.050594)
  Latency StdDev (s):   0.003677
 
How about DNS over tor ? Granted latency will be compromised but if it's privacy you want ....

[OpenWrt Wiki] Tor client

openwrt.org openwrt.org

Also can someone explain the overwhelming support for quad9 ?
Never heard of them until this thread and at face value looks just as shady as Google, Cloud flare etc
 
Last edited:
Ad_Augendae said:
Privacy
Click to expand...

Quad9 is a non-profit foundation that provides a free, public DNS resolver focused on cybersecurity and user privacy. It blocks malicious websites like those involved in malware, phishing, and spyware, and does not collect or sell user data. The service is supported by donations and sponsorships from organizations like IBM, Packet Clearing House, and the Global Cyber Alliance, which was founded via a criminal asset forfeiture, and is headquartered in Switzerland to be subject to its strong privacy laws.
Click to expand...

Quad9 is not owned by a single entity but is operated by the Quad9 Foundation, a Swiss-based, non-profit public-benefit foundation. It was created through a collaboration between the Global Cyber Alliance (GCA), Packet Clearing House (PCH), and IBM. The foundation operates on donations and sponsorships and is dedicated to providing a secure and private DNS service for free.
Click to expand...

I say BS to this .... there's no such thing as a free lunch
 
Yeah you can't make this **** up

GLOBAL CYBER ALLIANCE UK LIMITED overview - Find and update company information - GOV.UK

GLOBAL CYBER ALLIANCE UK LIMITED - Free company information from Companies House including registered office address, filing history, accounts, annual return, officers, charges, business activity
find-and-update.company-information.service.gov.uk find-and-update.company-information.service.gov.uk

Registered office address C/O City Of London Police 3rd Floor, Guildhall Yard East, London, United Kingdom, EC2V 5AE
Click to expand...
 
At some point. Someone, somewhere is going to have to resolve your requests. Do I implicitly trust a company with my data? No. Do I need to care though that someone can see me resolving icanhas.cheezburger.com? Equally no.
 
You must log in or register to reply here.
Back
Top Bottom