Fully recursive dns, remove forwarders

[ragibkl]

At the moment, our adblock dns only resolves items on the blacklist, and offload other requests to external dns such as google dns or cloudflare dns.

For better privacy, we should try perform dns resolution ourselves recursively.

I have a PR that uses bind:

• https://github.com/ragibkl/adblock-dns-server/pull/199

Currently setup on sg-dns1 for me to test personally, and also fr-dns2 for others to help test.

[ragibkl]

@Tomatoide , fr-dns2 uses self-hosted bind for fully recursive dns resolution. Do let me know if you encountered any problems, so I can roll this out to other servers as well.

[ragibkl]

Hmm, looks like there's a better way to do this:

• https://github.com/ragibkl/adblock-dns-server/pull/201
• https://github.com/ragibkl/bancuh-dns/pull/2

This is simpler in that we don't have to open so many dns ports on the host. I'll try this approach on sg-1, sg-2 and fr-2

[ragibkl]

I'm closing this now, since I've rolled out the change to all servers.