Certezalito
commented
7 months ago @BuddhaDiedLaughing I've recently moved and my network devices have changed, I don't have a FreshTomato device in use, so no updates. Additionally there doesn't appear there have been updates to Stubby in FreshTomato so this script should still be valid. Reference: https://bitbucket.org/pedro311/freshtomato-arm/src/arm-master/CHANGELOG
Regarding opportunistic NextDNS configuration, I thought I had configured the opportunistic DNS settings correctly in the script as per: https://dnsprivacy.org/dns_privacy_daemon_-_stubby/configuring_stubby/#opportunistic-dot-to-your-local-resolver
dns_transport_list:
- GETDNS_TRANSPORT_TLS
- GETDNS_TRANSPORT_UDP
- GETDNS_TRANSPORT_TCP
tls_authentication: GETDNS_AUTHENTICATION_NONEI have no experience with Pi-hole OR Unbound so I'm unsure on your ideas, but it does sound cool.
The purpose of this script was to have an easy way to enable NextDNS DoT without having to store the config on a usb stick attached to FreshTomato.
This script was perfect once I figured out which checkboxs needed checking and to switch to 'strict-order.'
It's been a bit since you committed anything to it & I wonder if you've, since, given any thought to the idea of cacheing & recursion....
What do you think of the feasibility of emulating the recursive DNS functionality popularized by PiHole+Unbound - only with NextDNS's servers taking on the hardware requirements of the PiHole? Could a half way recent router with a USB port manage the Unbound part?
Granted, I know just about nothing but my hunch is the most obvious hardware hurdles would be cache limitations. But then, maybe a combination of ZRAM and page filing cleverness could overcome that. I have no idea. How fast does DNS cache r/w need to be?
Thanks for your thoughts and this script, regardless!