Jump to content
Not connected, Your IP: 3.17.154.144
x-x

Do you have your own DNS Servers

Recommended Posts

Posted ... (edited)

Hello - I am a complete novice when it comes to DNS.  I have been using Cloudflare 1.1.1.1 - 1.0.0.1 to connect my router and OS to the internet. I am concerned about being tracked and would like to know, do you have your own IP DNS numbers for IPV4 + IPV6 that we can use?

Thank you

Edited ... by x-x

Share this post


Link to post
4 hours ago, x-x said:

I am concerned about being tracked


You will always be tracked, neither VPN nor DNS servers will help you with that. What you can do is minimize the impact.

I'm running a PiHole in the network. Upstream servers are my ISP's, Quad9 and two from OpenNIC. Some people use Google Public DNS or OpenDNS, I'd avoid those.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Thank you for your reply Opnsourcerer.  I will look into your method to understand a bit more about it.  I have seen some No Logs DNS servers that look legitimate; I will give those a go later.  It is interesting that security around not being tracked 100% has still not been perfected.

PS, I would never use google unless I wanted to be tracked, for example for business purposes.

Share this post


Link to post
On 10/6/2022 at 11:17 AM, OpenSourcerer said:

You will always be tracked, neither VPN nor DNS servers will help you with that. What you can do is minimize the impact.

I'm running a PiHole in the network. Upstream servers are my ISP's, Quad9 and two from OpenNIC. Some people use Google Public DNS or OpenDNS, I'd avoid those.

Why not AirVPN's DNS servers?

Share this post


Link to post
On 8/19/2023 at 3:37 PM, rx_man123 said:

Why not AirVPN's DNS servers?


Because that necessitates running a VPN connection, which necessitates monitoring it and reacting to incidents, even if not at home. Which might necessitate investing time at the most untimely of times – right when I need them but can't use them.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
1 hour ago, OpenSourcerer said:

Because that necessitates running a VPN connection, which necessitates monitoring it and reacting to incidents, even if not at home. Which might necessitate investing time at the most untimely of times – right when I need them but can't use them.

last I looked there's somebody that's been connected since last Christmas to the same server.  I think the servers are reliable enough to use them ;)

Share this post


Link to post
8 minutes ago, go558a83nk said:

last I looked there's somebody that's been connected since last Christmas to the same server.  I think the servers are reliable enough to use them ;) 


That they are. But I didn't question that to begin with, did I? ;)

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
On 10/6/2022 at 11:43 AM, x-x said:

Hello - I am a complete novice when it comes to DNS.  I have been using Cloudflare 1.1.1.1 - 1.0.0.1 to connect my router and OS to the internet. I am concerned about being tracked and would like to know, do you have your own IP DNS numbers for IPV4 + IPV6 that we can use?


I have pi-hole setup as a recursive dns server using unbound and then I use Mullvad as my DoT provider. This way you get the benefit of no one server being able to fully log the exact paths you’re going by setting up unbound as a recursive DNS. This is important as all DNS requests are sent to authoritative servers in plain text.

Then by using a DNS provider for DoT/DoH, you are also encrypting traffic in transit, which provides privacy from your service provider..

If you are interested in doing something like that check out pihole unbound guide.

after setting up unbound edit
/etc/unbound/unbound.conf.d/pi-hole.conf

and add the following for DoT
 
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt

    forward-zone:
     name: "."
     forward-tls-upstream: yes
     # Cloudflare
     forward-addr: 1.1.1.1@853
     forward-addr: 1.0.0.1@853

You can then check to see if it worked using 1.1.1.1/help or if you choose a different provider, they usually have their own page you can check.

The other added benefit of DoT/DoH as it seems to fix the issue Windows has with leaking DNS when using something like pi-hole (instead of AirVPN DNS). Now when I have it setup with the Eddie Client only the Mullvad DNS servers show up.

Share this post


Link to post
Posted ... (edited)

There's no way to avoid being tracked, if you do care about the privacy, why not use port forwarding + reverse proxy?

Edited ... by firefox154

Share this post


Link to post

Well, if you are connected to AirVPN via Wireguard, you can set your DNS server to 10.128.0.1. This holds regardless of which AirVPN server you are connected to, as long as you are using Wireguard. By running AirVPN on your wifi router or between your wifi router and your ISP, you can directly replace cloudflare with AirVPN. I use a script like this to automatically switch between AirVPN servers whenever any of them go down. image.png.0f42f4da7eafd55fdd17733e90d6b6ac.png
I hereby release this bash script for all to use under the 0BSD license.
You can add as many AirVPN servers as you like to maximize reliability, but I find that 5 are enough for me.
This script simply ping-tests  the currently connected AirVPN server. The moment the current AirVPN server fails to respond within 0.5 seconds, the router switches to a different AirVPN server. This will keep your DNS running as long as at least 1 of the AirVPN servers you put into rotation are still working.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...