by daneel_w 1228 days ago
My router runs Unbound in order to rotate queries across a number of different DNS-over-TLS providers. I'll toss these guys into the mix as well out of curiosity just to see how it goes.
3 comments

Better to send your queries to a single DNS provider (over TLS/HTTPS) rather than spread it out, because now, not one but multiple providers can build your browsing history. As someone who runs a public DNS resolver, I can tell you that it isn't that hard to build user profiles.

If you're running Unbound, might as well recurse DNS queries, instead of upstreaming it. If you are adamant on spreading DNS queries across multiple upstreams, doing so over ODoH and/or Anonymized DNSCrypt is what I'd recommend.

>"Better to send your queries to a single DNS provider (over TLS/HTTPS) rather than spread it out, because now, not one but multiple providers can build your browsing history."

What I'm wary about is indeed query logging and profiling, but whether it's one provider or a dozen providers isn't that relevant to me. I make a small effort in trying to gauge which providers are honest and which ones are not.

>"As someone who runs a public DNS resolver, I can tell you that it isn't that hard to build user profiles."

Yes, I understand this. May I ask why you/RethinkDNS are doing this with your users' query data?

We aren't.

You will forgive me for thinking "mmmmmmm-hmmmmmm" when you say that after your initial comment on how easy it is in light of running a public resolver yourself.
Ideally, one should think that for every dns resolver they use.

As one example, even when a popular configurable dns resolver says they don't store logs outside the EU, they might yet be caching those logs and analytics with AWS and GCP servers all over the world.

Btw, Rethink is FOSS (https://github.com/serverless-dns/serverless-dns), and its deployment logs are inspectable right on GitHub. Not saying you should trust us, but that's already more transparency than most resolvers (speak nothing of vague / cute privacy policy). Anyhow, our focus with Rethink has mainly been anti censorship / anti surveillance, and nothing much else.

Won't recursing also spread your queries across multiple providers? And in the clear for deep packet inspectors to see, instead of encrypted?

You wish all nameservers would support DoH / DoT, but until then using Qname minimisation limits exposure.
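As an added illustration (not from any commenter, and not taken from Unbound's own documentation), here is how the two setups discussed in this thread look side by side in unbound.conf: the DoT forwarding arrangement the original poster describes, and the recurse-it-yourself-with-QNAME-minimisation arrangement the replies recommend. The upstream addresses are RFC 5737 documentation ranges and the #hostnames are placeholders, not real providers.

```conf
# Added example, not from the thread. Addresses are RFC 5737 documentation
# ranges and the #hostnames are placeholders; substitute a real provider's
# IP and the name on its TLS certificate before use.

server:
    interface: 127.0.0.1
    # QNAME minimisation (RFC 7816): each server on the recursion path only
    # sees the labels it needs, limiting what any one party learns.
    qname-minimisation: yes
    # Validate DNSSEC locally instead of trusting an upstream's AD bit.
    auto-trust-anchor-file: "/var/lib/unbound/root.key"
    # CA bundle used to authenticate the DoT upstreams named in forward-addr.
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"

# Option A: what the original comment describes. The hop leaving the router
# is encrypted, but every provider listed here receives full query names
# and can log them (Unbound chooses among these entries by measured RTT,
# not by strict round-robin).
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 203.0.113.10@853#dot-provider-a.example
    forward-addr: 198.51.100.20@853#dot-provider-b.example

# Option B: what the replies recommend. Remove the forward-zone above and
# Unbound recurses from the root hints itself: no single resolver operator
# sees your whole history, at the cost of the authoritative-server hop
# being plaintext DNS (reduced, not removed, by qname-minimisation above).
```

Only one option should be active: a forward-zone for "." takes precedence, so as long as it is present Unbound never recurses on its own.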
Given the restrictions on this server which won't be on the other, adding it to a rotating list will make DNS answers inconsistent. Why would you want to do that?

I won't be using the "zero" resolver.

Why not just have unbound make the query itself? No need to depend on a third party recursive resolver if you already have your own.

I want to ensure my leg on the network traffic path is encrypted.