jasgud Posted May 29, 2018 Share Posted May 29, 2018 (edited) My Service provider has terrible DNS. I also suspect they do all kinds of sniffing/traffic logging/advertising with the information they collect when I browse the web on their service. This is regardless of what DNS I use because it is transmitted it plain text. After a bit of research I found the new 1dot (1.1.1.1) cloudflare DNS offers DNS over HTTPS to totally encrypt all DNS traffic leaving my network. The only cavate is it requires using it requires an intermediary service/application called CloudFlareD (aka Argo). Enter Docker/Unraid. Docker/Unraid doesn't seem to have a template setup for it, and since I don't really know how to do that I set one up manually. In the unraid webgui, find the docker section and click add container. Switch to advanced and don't pick a template. Fill out the template as below, leave all fields that aren't mentioned as blank. NOTE: Must have Bridged mode enabled on the unraid network device. Name: cloudflared-proxy-dns Repository: travisez13/cloudflared-proxy-dns Docker Hub URL: https://hub.docker.com/r/travisez13/cloudflared-proxy-dns/ Network Type: br0 Fixed IP address (optional): Any free IP (192.168.0.55) Privileged: ON (DNS port 53 requires this to bind properly) Add 2 extra Ports as per below 1. Name: DNS TCP Host Port: 53 Default Value: 53 Connection Type: TCP Required: Yes 2. Name: DNS UDP Host Port: 53 Default Value: 53 Connection Type: UDP Required: Yes After the docker starts you'll need to test and make sure its running properly by using nslookup in windows 1. Click start and run 2. type in nslookup 3. in the black window type in the below command without quotes "server 192.168.1.10" there 192.168.1.10 is the ip address of the Fixed IP address you selected earlier 4. type an internet address that you know works (google.com, ebay.com, lime-technology.com) and it should reply with an IP address that corrosponds with the site you tried. Once that is confirmed you are ready to change the DNS your DHCP server is sending out. Usually on your ISP router. Since I've done this I've slowly seen a massive drop in sketchy advertising that I suspected was from my ISP. It also has better performance than both my ISP and Google Pub DNS. Plus encrypted DNS, so yeah. I'm happy(ish) now, just have to keep harping on ISP to not be sketchy. Details on cloudflare link below if someone wants to create an actual docker container. https://developers.cloudflare.com/1.1.1.1/dns-over-https/ Edited May 29, 2018 by jasgud Quote Link to comment
hernandito Posted May 30, 2018 Share Posted May 30, 2018 (edited) In my router, I have configured the primary DNS to be my Pihole VM IP address. As a secondary, I put 1.1.1.1 in case my VM goes down. Is this not enough? Is a nefarious someone out there aware of my obsession with visiting the unRAID forum??!!?? Edited May 30, 2018 by hernandito Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.