Unbound or Encryption

Hi,

I can't seem to get a solid, simple answer.
Which is better and gives the most advantage: unbound or encrypted DNS?
What do you use and why?

Likely because there is no universally applicable answer.
Only you can find the answer that specifically applies to you.

Also, this has been discussed a few times, e.g. see Best secure and privacy options for DNS.

It depends on what you want. Unbound can act as either a recursive resolver (going directly to the authoritative nameservers, not encrypted), or you can configure it to be a forwarding resolver and it can encrypt DNS queries to an upstream resolver like Cloudflare, Quad9, etc.

In my opinion, recursive DNS is more private because you cut out the third-party DNS service completely. There are two cases where encrypted DNS is useful:

  1. Your ISP hijacks or tampers with DNS traffic.
  2. You are using a VPN service and want to route your DNS traffic through Pi-hole without causing a DNS leak.

Personally, I run unbound in recursive mode.

Thanks for your reply. I'm going to choose unbound. Just a quick question: how do I update unbound?

Unbound is updated with your existing package installer. When you run sudo apt update and sudo apt upgrade, you will get the latest unbound version for your distribution.

Do I need to change these to my local address range under the config 192.168.1.X?

    # Ensure privacy of local IP ranges
    private-address: 192.168.0.0/16
    private-address: 169.254.0.0/16
    private-address: 172.16.0.0/12
    private-address: 10.0.0.0/8
    private-address: fd00::/8
    private-address: fe80::/10

see https://docs.pi-hole.net/guides/dns/unbound/

I ask this as some sites I've read say to change them and others say to leave them as they are.

Leave them as they are. No need to change them.
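
As an added example (not part of the thread or of the Pi-hole guide): unbound strips addresses in the private-address ranges from answers for public names, which is its DNS rebinding protection, so what matters is that your LAN falls inside one of the listed ranges. The sketch below parses the block quoted above and reports which range covers a given address or subnet; the function names and the test addresses are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample: the private-address block quoted in the thread.
SAMPLE_CONF = """\
server:
    # Ensure privacy of local IP ranges
    private-address: 192.168.0.0/16
    private-address: 169.254.0.0/16
    private-address: 172.16.0.0/12
    private-address: 10.0.0.0/8
    private-address: fd00::/8
    private-address: fe80::/10
"""

def private_ranges(conf_text):
    """Return the networks named by private-address directives."""
    nets = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        key, sep, value = line.partition(":")     # split on the first colon only
        if sep and key.strip() == "private-address":
            nets.append(ipaddress.ip_network(value.strip(), strict=False))
    return nets

def covering_range(target, nets):
    """Return the configured range containing target (address or subnet), or None."""
    net = ipaddress.ip_network(target, strict=False)
    for candidate in nets:
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if candidate.version == net.version and net.subnet_of(candidate):
            return candidate
    return None

if __name__ == "__main__":
    nets = private_ranges(SAMPLE_CONF)
    # Hypothetical targets: a typical home LAN, an RFC 1918 host,
    # an IPv6 ULA host, and a CGNAT address that the block does not list.
    for target in ("192.168.1.0/24", "10.20.30.40", "fd12:3456::1", "100.64.0.1"):
        hit = covering_range(target, nets)
        print(f"{target:>16} -> {hit if hit else 'NOT covered'}")
```

A 192.168.1.X network is reported as covered by 192.168.0.0/16, which is why the lines can stay as they are.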
