Author Topic: Unbound DoT - still recursive? (Read 1835 times)

GreenMatter · « **on:** June 23, 2020, 10:25:04 am »

After installing os-unbound-plus I can set list of nameservers (i.e. 9.9.9.9@853) to use for DoT. When having this done, is unbound still recursive DNS server?

RFGuy_KCCO · « **Reply #1 on:** June 24, 2020, 03:34:11 pm »

No, it is simply a Forwarder if you a forwarding all your DNS queries to a DoT provider.

GreenMatter · « **Reply #2 on:** June 25, 2020, 10:50:44 am »

Thanks. Thus either DoT or recursive DNS...
DoT should protect against DNS poisoning and ISP spying and recursive DNS could be more about securing your privacy (querying DNS Servers in "cascade" manner); am I right?

crt333 · « **Reply #3 on:** June 29, 2020, 03:26:29 pm »

I tried something yesterday that seems to give good DNS privacy. I always have a VPN tunnel open to a public VPN connection, which is required for this. So, I configure DoT using os-unbound-plus (really nice plugin), then I confgure unbound so that the outbound requests go over the VPN tunnel. The ISP can't see DNS queries because it goes over VPN, the VPN provider can't see DNS queries because of DoT, and the DNS server only gets my public VPN address so really any DoT DNS provider can be used.

Author Topic: Unbound DoT - still recursive? (Read 1835 times)

GreenMatter

Unbound DoT - still recursive?

RFGuy_KCCO

Re: Unbound DoT - still recursive?

GreenMatter

Re: Unbound DoT - still recursive?

crt333

Re: Unbound DoT - still recursive?