|
|
|
|
|
|
by rsync
2073 days ago
|
|
|
Here is what I did ... First, I created my own recursive resolver in the cloud using 'unbound'. You can do this quickly and easily with an EC2 instance or whatever (mine is a FreeBSD jail on my own server). Second, I got a paid nextdns.io account and enabled the basic blocklists which are, essentially, the same as ublock origin would have locally. Third, I set my recursive resolver to use the nextdns.io endpoint as its upstream source of DNS. Finally, I set all of my networks to assign my personal DNS server (and no others) for all DHCP requests and I hardcoded it into my own machines. So now I control my own dns, globally, and my upstream source of name resolution is "sanitized". Theoretically, I could just remove ublock origin from my browsers now ... Then I |
|
|
Doesn't that relegate your recursive resolver to a stub?
You could run pi-hole on fly.io for free if DoT/DoH is all you need: https://fly.io/blog/stuff-your-pi-hole-from-anywhere/
I run a public DoH resolver with 170+ blocklists on Cloudflare Workers. Might open source it soon.