May 29, 20188 yr My Service provider has terrible DNS. I also suspect they do all kinds of sniffing/traffic logging/advertising with the information they collect when I browse the web on their service. This is regardless of what DNS I use because it is transmitted it plain text. After a bit of research I found the new 1dot (1.1.1.1) cloudflare DNS offers DNS over HTTPS to totally encrypt all DNS traffic leaving my network. The only cavate is it requires using it requires an intermediary service/application called CloudFlareD (aka Argo). Enter Docker/Unraid. Docker/Unraid doesn't seem to have a template setup for it, and since I don't really know how to do that I set one up manually. In the unraid webgui, find the docker section and click add container. Switch to advanced and don't pick a template. Fill out the template as below, leave all fields that aren't mentioned as blank. NOTE: Must have Bridged mode enabled on the unraid network device. Name: cloudflared-proxy-dns Repository: travisez13/cloudflared-proxy-dns Docker Hub URL: https://hub.docker.com/r/travisez13/cloudflared-proxy-dns/ Network Type: br0 Fixed IP address (optional): Any free IP (192.168.0.55) Privileged: ON (DNS port 53 requires this to bind properly) Add 2 extra Ports as per below 1. Name: DNS TCP Host Port: 53 Default Value: 53 Connection Type: TCP Required: Yes 2. Name: DNS UDP Host Port: 53 Default Value: 53 Connection Type: UDP Required: Yes After the docker starts you'll need to test and make sure its running properly by using nslookup in windows 1. Click start and run 2. type in nslookup 3. in the black window type in the below command without quotes "server 192.168.1.10" there 192.168.1.10 is the ip address of the Fixed IP address you selected earlier 4. type an internet address that you know works (google.com, ebay.com, lime-technology.com) and it should reply with an IP address that corrosponds with the site you tried. Once that is confirmed you are ready to change the DNS your DHCP server is sending out. Usually on your ISP router. Since I've done this I've slowly seen a massive drop in sketchy advertising that I suspected was from my ISP. It also has better performance than both my ISP and Google Pub DNS. Plus encrypted DNS, so yeah. I'm happy(ish) now, just have to keep harping on ISP to not be sketchy. Details on cloudflare link below if someone wants to create an actual docker container. https://developers.cloudflare.com/1.1.1.1/dns-over-https/ Edited May 29, 20188 yr by jasgud
May 30, 20188 yr In my router, I have configured the primary DNS to be my Pihole VM IP address. As a secondary, I put 1.1.1.1 in case my VM goes down. Is this not enough? Is a nefarious someone out there aware of my obsession with visiting the unRAID forum??!!?? Edited May 30, 20188 yr by hernandito
Archived
This topic is now archived and is closed to further replies.