OPNsense Forum

English Forums => 24.7, 24.10 Legacy Series => Topic started by: peterwkc on December 30, 2024, 11:53:01 AM

Title: Configure Unbound Recursive Resolver
Post by: peterwkc on December 30, 2024, 11:53:01 AM
Dear all,

At the moment, I am using dnscrypt-proxy to send encrypted DNS connections to a third party. AFAIK, it will be safer to configure an Unbound recursive resolver to prevent third-party misuse of DNS data, and we don't know how the third party handles the data.

I tried searching for it but cannot find it. Please point me to a guide if you have one. Thanks.
Title: Re: Configure Unbound Recursive Resolver
Post by: cookiemonster on December 30, 2024, 03:20:31 PM
Simply enabling Unbound will make it act as a recursive resolver, that is, it will send the DNS queries upstream to the root servers.
Those queries will not be encrypted, if that matters to you.
Title: Re: Configure Unbound Recursive Resolver
Post by: peterwkc on December 31, 2024, 01:22:34 AM
Quote from: cookiemonster on December 30, 2024, 03:20:31 PM
Simply enabling Unbound will make it act as a recursive resolver, that is, it will send the DNS queries upstream to the root servers.
Those queries will not be encrypted, if that matters to you.

I thought a recursive resolver means it will handle the DNS query rather than send it to upstream servers. Please explain.
Title: Re: Configure Unbound Recursive Resolver
Post by: Patrick M. Hausen on December 31, 2024, 01:27:28 AM
That's what it does by default. No configuration necessary. Enable Unbound, make client systems use Unbound (via DHCP) - done.

If you also want to prohibit DoH and DoT used e.g. by browsers, I can share a write up of my own setup tomorrow.

Point is: a local recursive DNS server or "resolver" is how the Internet has worked for decades. It's the default mode. Nothing elaborate to configure here.
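
The difference discussed in this thread, as an added example that is not part of any forum post: a small offline model of which party sees which query names when the local resolver recurses itself versus when it forwards to a third party. The server names, zone data and addresses are constructed (documentation ranges), and the model sends the full name at every step with no caching, which is a simplification.

```python
# Constructed delegation data, not real DNS records. Each modelled server maps
# a name suffix to a referral ("NS", next server) or an answer ("A", address).
SERVERS = {
    "root": {"org.": ("NS", "org-tld"), "net.": ("NS", "net-tld")},
    "org-tld": {"example.org.": ("NS", "ns.example.org")},
    "net-tld": {"example.net.": ("NS", "ns.example.net")},
    "ns.example.org": {"www.example.org.": ("A", "192.0.2.10")},
    "ns.example.net": {"mail.example.net.": ("A", "198.51.100.25")},
}

def ask(server, qname, seen):
    """Send one query to one server and record that the server saw it."""
    seen.setdefault(server, set()).add(qname)
    zone = SERVERS[server]
    hits = [s for s in zone if qname == s or qname.endswith("." + s)]
    return zone[max(hits, key=len)] if hits else None

def resolve_recursive(qname, seen, max_referrals=8):
    """Full recursion: start at the root and follow referrals to an answer.
    Simplification: the full name is sent at every step, nothing is cached."""
    server = "root"
    for _ in range(max_referrals):
        record = ask(server, qname, seen)
        if record is None:
            return None                      # name does not exist in the model
        kind, value = record
        if kind == "A":
            return value
        server = value                       # referral: ask the next server down
    raise RuntimeError("too many referrals")

def resolve_forwarded(qname, seen, upstream="third-party"):
    """Forwarding: the local resolver asks one upstream, which recurses for it."""
    seen.setdefault(upstream, set()).add(qname)
    return resolve_recursive(qname, {})      # the upstream's walk, not ours

def exposure(names, mode):
    """Return (answers, {party: names that party saw from this network})."""
    seen = {}
    resolver = resolve_recursive if mode == "recursive" else resolve_forwarded
    return {n: resolver(n, seen) for n in names}, seen

if __name__ == "__main__":
    for mode in ("recursive", "forwarded"):
        answers, seen = exposure(["www.example.org.", "mail.example.net."], mode)
        print(mode, answers)
        for party, qnames in sorted(seen.items()):
            print("   ", party, "saw", sorted(qnames))
```

In recursive mode each authoritative server sees only the names under its own zone, while in forwarded mode the single upstream sees every name the network looks up.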
Title: Re: Configure Unbound Recursive Resolver
Post by: peterwkc on January 02, 2025, 03:33:58 AM
OK, thanks for the reply.