Menu
What's new
By:
Filters Better Search

ad blocking

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Im also using OpenVPN - so if I want more privacy, then I can use a VPN alongisde use Unbound without OpenDns, that way only ME can see my dns queries?
 
At some point, something will NEED to see your queries... otherwise how will your request know where to go? Many, including myself, like Unbound as it cuts out the middle man so to speak and you go direct to root servers, minimizing your exposure to a smaller number of hosts. With Pi-hole - you can only have one upstream service - Unbound or some other DNS provider like OpenDNS, Cloudfare etc... So... pick your risk level and balance it vs the benefits/maintenance that each choice brings and then decide what works best for you.
 
shabbs said:
At some point, something will NEED to see your queries... otherwise how will your request know where to go? Many, including myself, like Unbound as it cuts out the middle man so to speak and you go direct to root servers, minimizing your exposure to a smaller number of hosts. With Pi-hole - you can only have one upstream service - Unbound or some other DNS provider like OpenDNS, Cloudfare etc... So... pick your risk level and balance it vs the benefits/maintenance that each choice brings and then decide what works best for you.
Click to expand...
I understand I can run Unbound with an upstream service, but my main question is....since I am already using pihole with OpenDns, what would be the benefit of me using Unbound alongside OpenDns?
I think I may not be explaining my question properly.. I apologize about that.
 
I believe you don't know well the difference between Unbound and dnsmasq. Unbound can be used as resolver or forwarder. dnsmasq can be used as forwarder only. Both are caching servers, if you want to ask.

Your options with Pi-hole:

a) you want OpenDNS with its free categories - dnsmasq forwarding to OpenDNS servers
b) you want more "privacy" by spreading queries to different root servers - Unbound as resolver + blocklists for categories you want to block

Both have pros and cons.
 
You're right. I don't understand the difference, hence why I am asking.
So when I want to go to let's say, google.com....

My PC > Pihole > OpenDns > Root DNS service?

What would it be when using Unbound?
 
My PC > Pi-hole > Unbound (as resolver) > Root servers
 
ok.. now, if I add OpenDns to the mix?

My PC > Pi-hole > OpenDns > Unbound (as resolver) > Root servers?
 
You can't do it this way. OpenDNS is remote DNS server, Unbound is your local DNS server.

If you're asking about:

My PC > Pi-hole > Unbound (as forwarder) > OpenDNS > Root servers

I told you already - no point doing it. You just replace dnsmasq with Unbound and it does the same thing as dnsmasq.
 
macster2075 said:
ok.. now, if I add OpenDns to the mix?

My PC > Pi-hole > OpenDns > Unbound (as resolver) > Root servers?
Click to expand...

Why?

First, you should figure out what you want. "Privacy" isn't an answer by the way, someone always knows. The question with all these setups is "Who do you trust?". Basically, it's a bit of a game of 'hot potato'.

I.E. Unless you're using TOR for everything (which has it's own issues) you either:
1. Trust your ISP
2. Don't trust your ISP
2a. So you don't use them for DNS - but they see all the sites you access anyways​
2b. So you don't use them as an 'endpoint' so you trust the VPN vendor (how much do you know about them?)​

If you find a DNS provider you trust, then you can use DoT to encrypt your DNS queries, but of course, your ISP will see the sites you visit.

Now, if you use a VPN, then you should probably use your VPN providers DNS servers (otherwise you can easily get DNS leaks). In that case, maybe just pick a VPN vendor that also has ad-blocking options.

Good luck!
 
I simply point my DNS to the ADDGuard DNS servers which also blocks known threat sites. It's super simple and you can set up exceptions if necessary on the router.

For those that want privacy, turn off your router. It's not going to happen. Even if you provide your own local DNS, your traffic need to hit the internet where it can be monitored. So you say use a VPN tunnel, it's hits the VPN providers network and there network hits the internet. Bot are places that can and frequently are monitored.
 
I think this thread took a different turn and it's my fault for not explaining my question properly.
I lack the correct verbiage to explain it well and it's causing confusion.
 
Lat's start with what do you need Pi-hole for and it will be more clear. If your idea is "privacy" - use the RPi for something else.
 
macster2075 said:
ok.. now, if I add OpenDns to the mix?

My PC > Pi-hole > OpenDns > Unbound (as resolver) > Root servers?
macster2075 said:
I understand I can run Unbound with an upstream service, but my main question is....since I am already using pihole with OpenDns, what would be the benefit of me using Unbound alongside OpenDns?
I think I may not be explaining my question properly.. I apologize about that.
Click to expand...
Click to expand...
Tech9 said:
You can't do it this way. OpenDNS is remote DNS server, Unbound is your local DNS server.

If you're asking about:

My PC > Pi-hole > Unbound (as forwarder) > OpenDNS > Root servers

I told you already - no point doing it. You just replace dnsmasq with Unbound and it does the same thing as dnsmasq.
Click to expand...
macster2075 said:
You're right. I don't understand the difference, hence why I am asking.
So when I want to go to let's say, google.com....

My PC > Pihole > OpenDns > Root DNS service?

What would it be when using Unbound?
Click to expand...


1670289750119.png

1670289812457.png

1670289851379.png
 
Yes, Mr. SWOTRB. Some people read the manual last. :)
 
I have a few lines in dnsmasq to force SafeSearch on browsers. If I install unbound, will I lose that?
 
I'm leaving this conversation. I'm sorry.
 
macster2075 said:
I think this thread took a different turn and it's my fault for not explaining my question properly.
I lack the correct verbiage to explain it well and it's causing confusion.
Click to expand...
Your original comment was about using Unbound for more privacy, and then the ask was: "What is the difference between setting up Unbound and OpenDns as the upstream compared to the way I have it now which is running pihole with OpenDns as upstream, but unbound is not installed?"

For Pi-hole - you can use Unbound OR OpenDNS as your upstream provider - but not both in a chain. Using both, even if you could, would just be additional steps for no reason and eliminate the benefit that Unbound brings.

Unbound offers a level of privacy in that you are only exposing your queries to a small set of root servers - not a 3rd party DNS provider etc.... or other VPN provider. Your ISP will still see the IPs that you are hitting no matter what you do as your traffic runs over their lines.

What are you trying to get out of using Unbound?
 
You must log in or register to reply here.

Similar threads

J
Diversion Diversion won't start
Replies
2
Views
218
dave14305
D
J
Diversion [SOLVED] DNS Director with Diversion 5.0+?
Replies
2
Views
278
JRes
J
C
Need some help with a DHCP problem
Replies
9
Views
970
ComputerSteve
C
F
Experiences in Roku vs. Ad-blocking
Replies
5
Views
789
vlord
vlord
RMerlin
Looking for feedback: Anyone considering AiCloud important to them?
7 8 9
Replies
173
Views
7K
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
octopus Google mail vpn blocking Asuswrt-Merlin 7
F Experiences in Roku vs. Ad-blocking Asuswrt-Merlin 5
S VPN blocking MMS text messages Asuswrt-Merlin 8
B Time Scheduling blocking internet access on newest firmware Asuswrt-Merlin 15
I Blocking a device from sending DNS requests? Asuswrt-Merlin 1

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 837 (members: 15, guests: 822)
Top