I have a raspberry pi with Pi-hole with unbound active on my home network. I have a computer with IVPN installed which is a commercial VPN service similar to ProtonVPN, PIA etc.
My computer is running the IVPN desktop application and the DNS is routed through IVPN.
Is it possible to route my DNS through the Pi-hole instead?
If so, is the DNS encrypted?
I am attaching a screenshot of the desktop application which appears to allow me to change the DNS traffic to another source. If this appears to be the solution, would I enter 127.0.0.1#5335 into the IP address box and choose DNS over HTTPS?
In your current configuration, it likely is not. Our guide configures unbound as a recursive resolver, which means the DNS traffic is clear text all the way to the nameservers and back.
If you intend to use Pi-hole for your DNS while running VPN, you will need to make some changes to get encrypted DNS leaving your network.
This can be done by configuring unbound as a forwarding resolver with encryption. Or, you can use a number of other encrypted DNS solutions - Cloudflared, Stubby, DNSCrypt, etc.
Regarding the screenshot above, do I put the ip address of my raspberry pi 192.168.1.12 in the box or do I put the unbound ip address 127.0.0.1#5335 in the box?
Do you know of any good tutorials on encrypting DNS with unbound?
