dns

created  2025/11/19
category internet
views    47

it was dns

quad9

the dns resolve i use since it is easy to remember and not cloudflare. if you find the https resolver is slow you can use the dns11 subdomain instead, which has [ecs](https://quad9.net/support/faq/#edns) (tl;dr leaks some ip address data to improve performance of cdn)

ipv4: `9.9.9.9` & `149.112.112.112`

ipv6: `2620:fe::fe` & `2620:fe::9`

https: `https://dns.quad9.net/dns-query`

tls: `tls://dns.quad9.net`

official website

run your own dns resolver!

do not assume dns or the resolver you're using isn't being messed with! there are several options for this. i[^*] recommend unbound for ease of use, robustness, and availability on all popular operating systems

unbound

on mainstream Linux distributions, it should be enough to install the package, enable the service and change your network configuration to use `127.0.0.1` as the primary resolver. if you own a router or access point that runs [openwrt](/wiki/openwrt.html), enabling unbound or some other validating resolver can be done via LuCI

instructions for unbound on openwrt 24.10

[^*]: this section is based on [this thread](https://movsw.0x0.st/notes/af4zfhzfzl61nw9n) by mia of 0x0.st