df0b9f169d54 | 3 months ago

I used quad9 as the primary upstream DNS for my home. About 11 days ago I wasn't able to send any query to quad9, kinda blocking. Their status page was green; I suspected my IP was blocked. Now I'm on quad1 :(

lcnPylGDnU4H9OF|3 months ago

Have you tried Mullvad?

https://mullvad.net/en/help/dns-over-https-and-dns-over-tls

TL;DR

dns.mullvad.net - 194.242.2.2 (no blocking)

adblock.dns.mullvad.net - 194.242.2.3 (ad and tracker blocking)

base.dns.mullvad.net - 194.242.2.4 (ad, tracker, malware blocking)

And others but I primarily use the last two. They offer it as a public service, similar to quad9.

styanax|3 months ago

Thanks to multiple mentions of Mullvad in this overall post's comments, I decided to replace dnsmasq with unbound and convert the laptop to DoT. Here's the specific Mullvad snippet if anyone needs it:

    # Mullvad Unfiltered
      forward-addr: 2a07:e340::2@853#dns.mullvad.net
      forward-addr: 194.242.2.2@853#dns.mullvad.net
    # Mullvad Adblock
    #  forward-addr: 2a07:e340::3@853#adblock.dns.mullvad.net
    #  forward-addr: 194.242.2.3@853#adblock.dns.mullvad.net

As mentioned in the default unbound config, the "#" is not a comment when used in the value; it's used for TLS checks. I followed this simple blog post from years ago: https://www.jwillikers.com/dns-over-tls-with-unbound
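
For readers following the snippet above, a fuller unbound stanza showing where the `forward-addr` lines sit and what the TLS name check depends on. This is an added example, not from the thread or the linked blog post; the CA bundle path is an assumption (Debian/Ubuntu location).

```conf
# Added example. Adjust the bundle path for your distribution (assumption).
server:
    # CA bundle used to authenticate upstream TLS servers. The "#name"
    # check on forward-addr relies on unbound having trust anchors to
    # validate the upstream certificate chain against.
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"

forward-zone:
    # Forward everything (the root zone) to the upstreams below.
    name: "."
    # Use TLS for forwarded queries instead of plain UDP/TCP DNS.
    forward-tls-upstream: yes

    # Format: <ip>@<port>#<auth-name>
    # The text after "#" is the name the server certificate must match.
    # It is part of the value because it sits inside the token; a "#"
    # that starts a token begins a comment.
    forward-addr: 2a07:e340::2@853#dns.mullvad.net
    forward-addr: 194.242.2.2@853#dns.mullvad.net

    # Weaker form, left commented out for comparison: with no "#name"
    # the session is encrypted but the certificate is not checked
    # against a hostname.
    # forward-addr: 194.242.2.2@853
```

Running `unbound-checkconf` after editing catches syntax mistakes before the resolver is restarted.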