DNS Over TLS - What are the recommendations for a home network?

buckaroogeek · October 17, 2021, 5:11pm

Fedora 35 will include built-in support for DNS Over TLS (DoT) if the upstream DNS provider supports it. If you use Android based phones or tablets, recent versions of the OS also use DoT. I would like to implement DoT on my home network and was wondering what other Fedora users are considering or already have in place? I currently use Pi Hole to provide DNS services on my home network with the Pi Hole server using a DNS Over HTTPS client as the ‘upstream’ DNS provider.

I see the following as desirable characteristics for a home or small office DNS service:

accepts standard DNS traffic (unencrypted TCP/UDP traffic on port 53) for clients that require it;
accepts DoT traffic if the client machine can use it;
provides ad blocking like the Pi Hole;
uses encryption to connect to the external DNS service (isp, or google, cloudflare, etc);
deployable via container(s)

thanks

dalto · October 17, 2021, 5:26pm

Just configure your pihole to use DoT instead of DoH if that is what you want.

That will meet all your needs except for 2 which could be done but doesn’t seem like it is worth the benefit.

Topic		Replies	Views
How do I use a DNS-over-HTTPS as the default DNS server system-wide (not on per-connection basis)? Ask Fedora kde , security , dns	2	192	November 22, 2024
Secure dns setup Fedora 37 Ask Fedora	5	973	January 10, 2023
DNS client for Fedora? Ask Fedora	17	2462	February 4, 2022
Whole system network monitoring and dns sinkhole Ask Fedora f33 , f34 , f35 , networking , dns	3	810	November 26, 2021
Self hosted DNS, DHCP, and local domain Ask Fedora f38 , dns , server , workstation	4	1274	July 30, 2023

DNS Over TLS - What are the recommendations for a home network?

Related topics