Unbound + Stubby for dummies

Started by hushcoden, February 18, 2022, 11:21:40 PM

February 18, 2022, 11:21:40 PM Last Edit: February 19, 2022, 05:57:34 PM by hushcoden
I found this guide here and I'm not sure which benefit Stubby brings; can someone elaborate in 'plain English'? ::)

Also, why use port 8053?

What about DNSCrypt?

I'm trying to learn the different options for DNS server encryption.

Tia.

February 21, 2022, 03:04:16 PM #1 Last Edit: February 21, 2022, 03:08:05 PM by cookiemonster
Benefits in this regard will be subjective.
For me Stubby gives me the benefit of flexibility at the expense of user friendliness. I can use the resolvers I want, select round-robin if I want, and mix resolvers that need pinsets and those that don't.
I am confident with the command line and modifying config files. I don't need a UI for those tasks. The config file has a number of attributes I can use if I want them. The main drawback is the lack of logging.
In short, Stubby gives me what I want in a way that I like and is configurable enough.

The arbitrary port is because it runs as a service or daemon, so it needs a port to be connected to. It doesn't have to be 8053 but it needs to be free.

February 21, 2022, 07:48:35 PM #2 Last Edit: February 21, 2022, 08:20:03 PM by ajm
FWIW, I chose just to use the available DNS over TLS feature of Unbound, along with a lightly filtered DNS service from Quad9. (Check 'em out, I think they're 'good guys' and warrant support.)

I'd previously been using Stubby/DNSmasq (on OWRT) and Unbound now does the same but with simpler setup, AFAICS.

I've not really looked into the other 'secure' or 'filtered' DNS services available, as they seem to be overkill for my specific needs. The edge devices here are all quite well-managed as regards 'content protection', so going for complex network-based protection isn't really justified. IoT, Android, etc. are all forbidden from my network!
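
The two setups discussed in this thread, side by side, as an added example that is not part of any post above: Unbound forwarding to a local Stubby listener on port 8053, and Unbound doing DNS over TLS itself to Quad9. The certificate bundle path and the loopback listen address are assumptions; adjust them to your system.

```conf
# unbound.conf fragment (added example; paths and addresses are assumptions)

server:
    # CA bundle used to verify upstream TLS certificates (Option B).
    # Assumed path; it differs per operating system.
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"

    # Option A only: by default Unbound refuses to send queries to
    # localhost, so this must be relaxed to reach Stubby on 127.0.0.1.
    do-not-query-localhost: no

# Option A: Unbound -> Stubby (plain DNS on loopback) -> DoT upstreams.
# Stubby must listen on the same free port, e.g. in stubby.yml:
#   listen_addresses:
#     - 127.0.0.1@8053
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@8053

# Option B: Unbound speaks DoT directly (use instead of Option A, not both).
# The "#dns.quad9.net" suffix is the name checked against the upstream's
# certificate; if it is left out, any certificate name is accepted.
# forward-zone:
#     name: "."
#     forward-tls-upstream: yes
#     forward-addr: 9.9.9.9@853#dns.quad9.net
#     forward-addr: 149.112.112.112@853#dns.quad9.net
```

In Option A the encryption and upstream authentication (including any pinsets) are configured in Stubby, not in Unbound; the hop between the two stays unencrypted on the loopback interface.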