Advice Request Which DNS Server do you use? /DNS Tunnelling

[TairikuOkami]

I use DNS.Watch on my router and on my computer and Yandex DNS via dnscrypt in Yandex browser, I really like multiple DNS, it is good for troubleshooting.

I would prefer either Adguard DNS Family, but without blocking ADs, it slows down browsing or Yandex Family, but it is not possible in Yandex browser.

 

[ForgottenSeer 58943]

I use DNS.Watch on my router and on my computer and Yandex DNS via dnscrypt in Yandex browser, I really like multiple DNS, it is good for troubleshooting.

I would prefer either Adguard DNS Family, but without blocking ADs, it slows down browsing or Yandex Family, but it is not possible in Yandex browser.

Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.

 

[TairikuOkami]

Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.

What exactly is the issue? By the way, Adguard does not have its own servers, it is chained via OpenDNS/GoogleDNS and etc.

We use DNS servers of the data center as upstream DNS, they use somebody else's servers and so on. I suppose that somewhere in that chain may be google dns as well.

 

[Evjl's Rain]

You may also want to add Alternate DNS.. Secured DNS w/Ad+Malvertising block. Much faster than Adguard in my tests.

Alternate DNS - Ad Blocking DNS Server
Primary: 198.101.242.72
Secondary: 23.253.163.53

alternateDNS is indeed very fast and effective
however, after 2 months of using it, when I visited a website, it showed a website that my trial was expired and require an upgrade to premium version to continue the service. I think they just added it recently

they didn't mention anything related to trial period for home users
only trial for business clients

no longer recommended because of this

adguard DNS is too slow and unstable for my liking in my 2 countries trying it

 

[ForgottenSeer 58943]

Adguard DNS routes to Russia. ISP issue. They can't help me, we've already gone over this on their forums unfortunately.

I'd consider the $2.99 a month for Alternate DNS, trivial expense for a very fast, adblocking DNS. I might give it a try when I get a chance. They appear to have ended their free consumer product.

 

[ForgottenSeer 58943]

Remember if you use Heimdal, it will override your DHCP DNS settings and point to loopback on your computers. Then it will implement it's own securedDNS for itself to function with traffic filtration AND VectorN. So if you want to use one of these DNS, and use most of Heimdal features, it's not going to work as Heimdal will bypass your router DNS.

It's still beneficial to make this change on your router even if you want Heimdal on because it would help protect everything on your network that doesn't use Heimdal.

 

[Sunshine-boy]

Use Simple DNSCrypt then choose from the resolvers (with DNSCrypt and DNSSEC support) below. Choose with no-log as well.

thnx for your complete list and info.
if you use the Yandex browser you don't need to install Simple DNS Crypt:--)
Easy just set you DNS in DNS watch and then pick one DNS from Yandex DNS list(all of them are DNS servers with DNS crypt encryption)
in my case: DNS watch+ns0.dnscrypt.is in Reykjavík, Iceland so my isp can suck it

 

[HarborFront]

thnx for your complete list and info.
if you use the Yandex browser you don't need to install Simple DNS Crypt:--)
Easy just set you DNS in DNS watch and then pick one DNS from Yandex DNS list(all of them are DNS servers with DNS crypt encryption)
in my case: DNS watch+ns0.dnscrypt.is in Reykjavík, Iceland so my isp can suck it

Yandex don't support DNSSEC and no-log

 

[Sunshine-boy]

Yandex support it!

 

[HarborFront]

Yandex support it!

Show the link, can? I like to revise my listing

 

[Sunshine-boy]

First, you show me that Yandex can't
I set my DNS to ns0.dnscrypt.is in Reykjavík, Iceland(from Yandex list) which supports DNSSEC!so Yandex can support DNSSEC :0

 

[HarborFront]

First, you show me that Yandex can't
I set my DNS to ns0.dnscrypt.is in Reykjavík, Iceland(from Yandex list) which supports DNSSEC!so Yandex can support DNSSEC :0

Check

List of Public DNS Servers [wiki.ipfire.org]

These are the original Yandex DNS servers

Yandex.DNS

Sometimes a DNS server provider may include other DNS server providers e.g. UncensoredDNS is a good example. It's original DNS servers do NOT support DNSSEC but it has other providers' servers which support DNSSEC

 

[Sunshine-boy]

What is it mate?!it's about Yandex DNS, not Yandex browser YandexDNS don't support DNSSEC but the Yandex browser doesn't use Yandex DNS you can choose Yandex DNS when you want to pick one dns from Yandex DNS's list Yandex DNS is there!
you can set your dns in ipv6 or/and ipv4 and chose one dns from Yandex DNS list! I guess you don't know what I mean!
this link is about Yandex DNS, not the browser.

 

[HarborFront]

What is it mate?!it's about Yandex DNS, not Yandex browser YandexDNS don't support DNSSEC but the Yandex browser doesn't use Yandex DNS you can choose Yandex DNS when you want to pick one dns from Yandex DNS's list Yandex DNS is there!
you can set your dns in ipv6 or/and ipv4 and chose one dns from Yandex DNS list! I guess you don't know what I mean!
this link is about Yandex DNS, not the browser.

Ok you are right

Yandex — Company blog — Yandex Browser Pioneers Built-in DNS Security

The option to select a DNS sever is there in the Yandex browser

 

[Sunshine-boy]

Yes hahaha I already did a lot of search and investigations so the best combo is dns watch(internet settings)+ns0.dnscrypt.is in Reykjavík, Iceland
But it's for me maybe another guy wants to use another server! i prefer this combo
for dns watch you need to pick a server which supports DNSSEC

 

[Cohen]

I'm always using PIA's DNS servers because my devices automatically connect to the VPN when they boot.

 

[HarborFront]

I'm always using PIA's DNS servers because my devices automatically connect to the VPN when they boot.

Using the VPN provider's DNS servers is the best provided you can trust them not to collect your personal data. Just make sure they don't redirect the DNS queries to other public DNS servers like Google Public DNS, OpenDNS etc i.e. they must have their own dedicated DNS servers

 

[HarborFront]

Yes hahaha I already did a lot of search and investigations so the best combo is dns watch(internet settings)+ns0.dnscrypt.is in Reykjavík, Iceland
But it's for me maybe another guy wants to use another server! i prefer this combo
for dns watch you need to pick a server which supports DNSSEC

Am I right that you selected 2 DNS servers

DNS.Watch
ns0.dnscrypt.is

I think DNS.Watch don't support DNSCrypt. It supports only DNSSEC and no-logging. If you use it that means your DNS queries are NOT encrypted

The second one is ok for it supports DNSCrypt, DNSSEC and no-logging

 

[Trooper]

Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.

Same here. I was using it until they changed some stuff. I know one of the devs mentioned getting another hosting company to help alleviate it. I am in the US and get routed through Europe now lol. So it's a no go for me.

 

[HarborFront]

One more Secure DNS server to share. It's from Pi Hole

It's IP4 address is 192.168.1.200

I think it's using other Secure DNS providers like Google Public DNS, OpenDNS, Norton ConnectSafe and Comodo Secure DNS