A (way more?) better default DNS

Jigsaw-Code / outline-server

Outline Server, developed by Jigsaw. The Outline Server is a proxy server that runs a Shadowsocks instance and provides a REST API for access key management.

https://getoutline.org/

Apache License 2.0

5.84k stars 789 forks source link

A (way more?) better default DNS #1122

Open c2xusnpq6 opened 2 years ago

c2xusnpq6 commented 2 years ago

I think Outline should set Cloudflare DNS (Firefox user's version) and Quad9 as the default DNS to ensure user's browsing security, instead of OpenDNS.

For more information:

c2xusnpq6 commented 2 years ago

Cloudflare (Firefox ver):

https://mozilla.cloudflare-dns.com/dns-query

Quad9 (Malware Blocking, DNSSEC Validation):

https://149.112.112.112/dns-query
https://9.9.9.9/dns-query
https://149.112.112.9/dns-query

Quad9 (Malware blocking, DNSSEC Validation, ECS enabled):

https://9.9.9.11/dns-query
https://149.112.112.11/dns-query

Quad9 (No Malware blocking, no DNSSEC validation):

https://9.9.9.10/dns-query
https://149.112.112.10/dns-query

NextDNS (Firefox ver):

https://firefox.dns.nextdns.io/

c2xusnpq6 commented 2 years ago

And I suggest you put that HTTPS DNS on Bootstrap DNS too. (Quad9? DNS.SB?)

DNS.SB (Owned by xTom and based in Germany, which is within the EU):

https://185.222.222.222/dns-query
https://45.11.45.11/dns-query

c2xusnpq6 commented 2 years ago

One more thing, the Firefox version of Cloudflare DNS may reject DNS requests for commercial IPs. (So... Quad9 it is?)