So Jow Forums, what's the best DNS servers to use?

I don't think so. I'm not letting my ISP see my traffic on my desktop computer.

I'm not so fussed with that, I just have it entered on at desktop level. I couldn't care less about the wireless devices.

So am I going for 1.1.1.1 or 9.9.9.9?

>I only kinda want a good solution

quad 9's. use quad 1's as backup.

I'm not that fussed about wireless devices because only I use a wired one. Green text all you like.

But where are you pulling from?

kek this.
has no idea how DNS works.

O have Lede/openwrt installed on my routers.

Should i install dnscrypt? Wouldn't It make my connection slower?

Just use a provider that supports TLS, and configure it on your device

I have a shitty superhub so I'm making do what with I have. The desktop level of DNS selection should suffice for what I'm after.

Don't they all support TLS?

If you're not using OpenNIC then you're a part of the botnet.

Attached: 1540096106432.jpg (927x960, 80K)

Opennic
servers.opennicproject.org/
I also use quad9 and it's secondary DNS. There is no reason to use 1.1.1.1
9.9.9.9
149.112.112.112
quad9.net/

>cloudfare botnet
No thanks. I use openDNS.

>openDNS
>He doesn't know

In terms of speed, quad9 beats OpenDNS.
hackernoon.com/dns-performance-comparison-google-quad9-opendns-norton-cleanbrowsing-and-yandex-d62d24e38f98

Run your own, faggot. It takes less than 10m to set up on a GNU/Linux machine.

Attached: 1506116749555.jpg (1496x1490, 675K)

>I don't think so. I'm not letting my ISP see my traffic on my desktop computer.
He doesn't mean your ISPs when he says "your own". He means hosting your own on a VPS. The same way when people ask what the best VPN provider is, the answer is "your own" hosted on your own VPS.

...

Ah, I understand. My bad.

But even if you host your own on a VPS you still have to pull from upstream. So if you host your own, where do you pull from?

Direct queries to the IANA root.

Attached: ifconfig.jpg (670x400, 202K)

What IP?

I use the standard hints file.
internic.net/domain/named.root

>DNS server
>domain name server server

MITMflare blocks sites such as archive.is due to hosting nazi content.

Attached: 24696.jpg (259x192, 9K)

>Domain Name System

the absolute state

He's a fucking moron.

it's both to be honest

u wot mVIII

Attached: file.png (1408x81, 26K)

Attached: its different defenitions though.png (680x260, 225K)

That's not Wikipedia bro.

OpenNIC. It allows access to new TLDs and you can register domains on it for free
opennic.org/

for example, when using opennic, I can visit nx.bit, grep.geek/, etc

Why would you want to visit those URL's?

Opennic
Includes niche tld access to uyghr .uu and furries .fur

Attached: 1511906415732.jpg (1000x1502, 256K)

Recursive resolve from root

Quad9 is a UK government botnet
1.1.1.1 is a CloudFlare botnet to further their mass-scale everlasting MiTM empire
OpenDNS is not open and owned by Cisco
You seem to know even less it seems.
This is the best choice if you don't want to run your own resolver agent.

Brainlet here
Can anything get censored? Do some obscure sites not work?

>Quad9 is muh UK govt botnet
>Based in Berkeley, CA
brainlet detected

208.67.220.220

>brainlet
I agree
>can anything get censored
Have an example:
Using something like 1.1.1.1 is like asking someone for some information. This person can choose to not tell you that information (censoring). Running your own resolver is like figuring out that information entirely by yourself. As for obscure sites, the only ones that wouldn't work are those using a nonstandard top level domain, you probably never visited one of those and never will.

8.8.8.8

You probably use Facebook too huh

>supported by GCA among others
>GCA founded by City of London Police among others
If you dig deep enough it makes sense :^)

Define what support typically means in this case. Financial grants? If so, you're assuming strings are attached with how they run the org?

Yeah, why?

unbound is neat as a resolver.

Where do you think does 1.1.1.1 or the thousands of ISP resolvers get their information? They use the exact same mechanism. It can only be censored if the registry deletes the zone delegation but that would effect all resolvers in the same way as your own. With your own you even could add it back. In unbound it's something like that to make it resolvable again.
forward-zone:
name: "deleted-domain.com"
forward-addr:
forward-addr:

If you want to know how a domain gets resolved have a look at dig +trace
>dig Jow Forums.org +trace @a.root-servers.net

I'm with the 1.1.1.1 gang

I went with 9.9.9.9 and 1.1.1.1 as secondary.

Imo bind

Using LEDE right now.
What's the easiest way to get dns over tls? Unbound coupled with the native dnsmasq? Dnscrypt?

And if both are commonly used, why would you just assume some meant domain name server server when there's an equally accepted alternative that makes much more sense? You're right, but tbqh the guy I replied to is still a dumbass tbqh and tbqh you're a dumbass too for sticking your nose in this shit tbqh to be quite tbqh honest

Oh guys, I just found out about DNS over HTTPS. Enabled it if it's supported by setting network.trr.mode to 2 in Firefox. It seems to work with Jow Forums and Google so far. You can switch from Cloudfare to Google if you want.

I use stubby

No, it's not. So it automatically wins.

/thread