for more info on what this is, check here. i suggest using either unbound or stubby. as DOT is the most secure method, i have no plans on introducing plaintext DNS (port 53) or DNS over HTTPS (port 443).
Feedback or questions, please let me know!
server:
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
forward-zone:
name: ".",
forward-addr: [email protected]
forward-addr: [email protected]
forward-addr: [email protected]example stubby config:
upstream_recursive_servers:
- address_data: 104.244.72.77
tls_port: 853
tls_auth_name: "t1.leech.ie"
- address_data: 199.195.249.193
tls_port: 853
tls_auth_name: "t2.leech.ie"
- address_data: 209.141.45.244
tls_port: 853
tls_auth_name: "t3.leech.ie"