Is that over kill ? Using 8 dns servers in pihole

Is that over kill ? :joy::joy:

NOTE: I’m using dns.watch (as you see, lol) & those other DNS servers from opennic (Not from same country — one from Canada, one from Netherlands, one from France & one from Germany & all of them are no logs & DNSCrypt) so is that over kill or its normal at these days with surveillance, FB & all other companies

I don’t understand your screenshot, but I seem to have 6 providers enabled in my unbound.conf.d/dns-over-tls.conf which in amount of IP addresses would be 18.

My goal is to not centralize my DNS queries on a single DNS provider and have DoT (which is the only encryption Unbound supports) also on port 443 to have the benefit of DoH, so even if something went down it wouldn’t affect me so much.

I am not familiar with Pi Hole, are your DNS queries encrypted or are you just sending them to those servers in plaintext allowing your ISP to hijack them into their DNS servers and track them due to usual DNS being in plaintext? Anyone in the middle of you and the target DNS server could track them due to not having encryption.

You do mention DNSCrypt though, but the custom servers don’t have stamps or anything that would hint to me that it’s in use.

2 Likes

Oh, have you performed extended DNSLeaktest ?

I think I only see these four because of my IPv6 preferring config, otherwise there would probably be more. These appear to be:

I also have aggressiveish caching enabled which can possibly affect the test.

3 Likes

yup thats why i added those :joy:

yes sending them in plaintext thats why i selected DNSCrypt

the man in the middle wont work here, its local server so yeah (okay webpage in http not https but its still local & i’m only one in my network so yeah no one can get my quires list & even i can stop app from recording it or add more stronger password but i feel fine :joy:

Yes i did & it seems dns.watch keep leaking :joy: (with France DNS) but all other is fine (or not working :V)

& can i ask what these links ? :joy: first one not working (because my ISP blocking http websites & i tried make it https but i went to blog & those others are dns provider ? & last one is not working “Soon” so yeah

Blahdns Switzerland indeed forward to switch.ch. Cuz that server doesnt have IPv4, only IPv6. So there will be some issue which most domain name server doesnt have IPV6 may fail to do DNS resolution.

1 Like