router.home: enable unbound dns server #243

JakeHillion · 2024-04-26T21:02:12+01:00

JakeHillion commented

2024-04-26 21:02:12 +01:00

closes #189

JakeHillion commented

2024-04-26 21:10:24 +01:00

This seems like a performance and privacy win. All forwarding resolvers use DNS over TLS (seems a bit nicer than DNS over HTTPS).

From a wired Linux host first time requests take <60ms. This is slower than going directly to the unencrypted resolver which takes <15ms. Cached requests however take 0ms, significantly quicker than going to the resolver. Given domain access patterns I expect this to significantly speed up local DNS latency, especially with future changes that make the router's server authoritative for domains contained in my Nix config.

This seems like a performance and privacy win. All forwarding resolvers use DNS over TLS (seems a bit nicer than DNS over HTTPS). From a wired Linux host first time requests take <60ms. This is slower than going directly to the unencrypted resolver which takes <15ms. Cached requests however take 0ms, significantly quicker than going to the resolver. Given domain access patterns I expect this to significantly speed up local DNS latency, especially with future changes that make the router's server authoritative for domains contained in my Nix config.

JakeHillion force-pushed unbound from 6af93f02e6 to 241b45b055

2024-04-26 21:20:32 +01:00

Compare

JakeHillion force-pushed unbound from 241b45b055 to 8fdd915e76

2024-04-26 21:40:21 +01:00

Compare

JakeHillion merged commit 8fdd915e76 into main

2024-04-26 21:44:47 +01:00

JakeHillion deleted branch unbound

2024-04-26 21:44:48 +01:00

Sign in to join this conversation.

No reviewers

No Label

bug

feature

No Milestone

No project

No Assignees

1 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: JakeHillion/nixos#243