Red@reddthat.com to Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comEnglish · 5 months agoGoogle, Cloudflare & Cisco Will Poison DNS to Stop Piracy Block Circumvention * TorrentFreaktorrentfreak.comexternal-linkmessage-square25fedilinkarrow-up11arrow-down10file-text
arrow-up11arrow-down1external-linkGoogle, Cloudflare & Cisco Will Poison DNS to Stop Piracy Block Circumvention * TorrentFreaktorrentfreak.comRed@reddthat.com to Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comEnglish · 5 months agomessage-square25fedilinkfile-text
minus-squareDomi@lemmy.secnd.melinkfedilinkEnglisharrow-up0·5 months agoIs it possible to get unbound to talk to the root servers via TLS/HTTPS by now? I’m currently using Quad9 because they support DNS over TLS and DNS over HTTPS.
minus-squareout@lemmynsfw.comlinkfedilinkEnglisharrow-up0·5 months agoNot sure you would even need encryption. Surely It can’t be illegal to ask the root servers (and all the other DNS servers involved, because the root servers only have IPs for TLD DNS servers) for IPs
minus-squareDomi@lemmy.secnd.melinkfedilinkEnglisharrow-up0·5 months agoNot illegal but it leaves all your DNS lookups in plain text with your ISP, which just doesn’t sit right with me. Not that the ISP in my country would care.
minus-squareNullGator@lemmy.calinkfedilinkEnglisharrow-up0·5 months agoYes its possible 👍 Use: forward-zone: forward-addr: 9.9.9.9@853#dns.quad9.net
minus-squareDomi@lemmy.secnd.melinkfedilinkEnglisharrow-up0·5 months agoThat is what I’m doing currently but now unbound doesn’t talk to the root servers anymore, it sends all queries to Quad9. Both scenarios are not ideal because you always end up with one entity knowing all your queries.
Is it possible to get unbound to talk to the root servers via TLS/HTTPS by now?
I’m currently using Quad9 because they support DNS over TLS and DNS over HTTPS.
Not sure you would even need encryption. Surely It can’t be illegal to ask the root servers (and all the other DNS servers involved, because the root servers only have IPs for TLD DNS servers) for IPs
Not illegal but it leaves all your DNS lookups in plain text with your ISP, which just doesn’t sit right with me.
Not that the ISP in my country would care.
Yes its possible 👍
Use:
forward-zone: forward-addr: 9.9.9.9@853#dns.quad9.net
That is what I’m doing currently but now unbound doesn’t talk to the root servers anymore, it sends all queries to Quad9.
Both scenarios are not ideal because you always end up with one entity knowing all your queries.