• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

What is your go to DNS that is not Google's 8.8.8.8/4.4.4.4

Format _C:

Format _C:

Supreme [H]ardness
2FA
Joined
Jun 12, 2001
Messages
4,135
What is your go to DNS that is not Google's own 8.8.8.8/4.4.4.4 servers
I am using my WRT32X as an ethernet bridge as the WiFi on my PC sucks and I want to change the DNS from Googles DNS servers that the place I am in is using
I know how to do the change I am just looking for suggestions to see what other [H]ardForum members are using for DNS


PS: I know I could search the web for this however I wanted people's opinion on the matter.

Thanks
 
AdGuard DNS for like 20 bucks a year. Before that I was using OpenDNS, also like 20 bucks a year.
 
Format _C: said:
How do I do that with OpenWRT?
Click to expand...
Not sure if the UI config supports it, but dnsmasq probably supports it somehow. Otherwise, the way I do it is with adguardhome (wiki has a setup guide). You can configure your own certs and DoT into agh, or you can just do regular dns and have agh fetch via DoT/etc.

In luci, the dns is set under your lan interface's advanced tab (and "ipv6 settings" under the dhcp tab, if you have ipv6 networking/devices).

I use these adguardhome settings for cloudflare dns:
IMG_20260510_200906.jpg
IMG_20260510_200949.jpg
 
Last edited:
Format _C: said:
How do I do that with OpenWRT?
Click to expand...

Not using OpenWRT myself. so afraid I can't answer that from personal experience. A DDG search pulls up a a few pages. Also maybe look into DNS-over-HTTPS (DoH), which does the same thing just implemented a bit differently.

My setup is just Pi-Hole+Unbound running in their own containers.
 
I run two Pi-hole's with Unbound which is on my OPNsense router.

I've also played with Technitium, which is incredibly powerful. Maybe some day I'll actually make the switch to it from Pi-hole. https://technitium.com/dns/
 
Vermillion said:
I run two Pi-hole's with Unbound which is on my OPNsense router.

I've also played with Technitium, which is incredibly powerful. Maybe some day I'll actually make the switch to it from Pi-hole. https://technitium.com/dns/
Click to expand...

I've been looking at Technitium as well. Have it installed, and it looks interesting. It's not quite as straight-forward for ad-blocking as Pi-Hole is, but I believe it could replace both Pi-Hole and Unbound.

But there are at least a half-dozen things I want to get done first.
 
BlueLineSwinger said:
I've been looking at Technitium as well. Have it installed, and it looks interesting. It's not quite as straight-forward for ad-blocking as Pi-Hole is, but I believe it could replace both Pi-Hole and Unbound.

But there are at least a half-dozen things I want to get done first.
Click to expand...
I started with Technitium for about a year, then moved to Pi-Hole for a few years, and now use AdGuard DNS because I don't want to maintain a machine at the moment.

All are pretty easy to deal with, although I prefer Pi-Hole if I'm going to maintain an on-prem device.
 
OPNsense Unbound DNS pointing to the NextDNS client (locally) at home or Adguard on Android pointing to NextDNS.
 
CrimsonKnight13 said:
OPNsense Unbound DNS pointing to the NextDNS client (locally) at home or Adguard on Android pointing to NextDNS.
Click to expand...
Why do you have Unbound pointing to NextDNS instead of the default authoritative root servers? Ad and site filtering?
 
Encrypted DNS :)
I require this for "reasons" (I don't live in the united states anymore).

Code: 
tls cloudflare-tls {
    ca-file "/etc/ssl/certs/ca-certificates.crt";
    remote-hostname "cloudflare-dns.com";
};

options {
    directory "/var/cache/bind";

    forwarders {
        1.1.1.1 port 853 tls cloudflare-tls;
        1.0.0.1 port 853 tls cloudflare-tls;
    };

    forward only;

    dnssec-validation auto;

    listen-on-v6 { any; };
};
 
vxspiritxv said:
Encrypted DNS :)
I require this for "reasons" (I don't live in the united states anymore).

Code: 
tls cloudflare-tls {
    ca-file "/etc/ssl/certs/ca-certificates.crt";
    remote-hostname "cloudflare-dns.com";
};

options {
    directory "/var/cache/bind";

    forwarders {
        1.1.1.1 port 853 tls cloudflare-tls;
        1.0.0.1 port 853 tls cloudflare-tls;
    };

    forward only;

    dnssec-validation auto;

    listen-on-v6 { any; };
};
Click to expand...
How and where do you enter that code?
 
Format _C: said:
Is that possible with OpenWRT?
Click to expand...
The BIND dns server? Yes, but it's maybe overkill on most routers. https://techinfo.brainbuz.org/posts/openwrt-bind/
There may be better instructions on the openwrt forums or wiki, just didn't feel like searching them specifically.

I think unbound or adguardhome are better options, if you don't want to run a separate server device. They're both pretty lightweight, and fairly well supported on openwrt.

https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html
 
You must log in or register to reply here.
Back
Top