Once upon a time there was discussion about the DNS servers 8.8.8.8 and 8.8.4.4 and how we need to move to a Canadian one. The one passed around was 149.112.121.30, CIRA (protected).

I had said something about going a step further and just using your own via Pi-Hole and Unbound. Someone I do not remember who as that is why I am posting here said yes but the pi still has the DNS server you set it up with, they said they would look into it further at a later date If they did look into it and post something I am truly sorry as I cannot find it.

I have gotten into using less US internet things and I recently got to find out that I needed to figure out my VPN setup a little better. This lead me into a deep valley of infosec and I am trying my darndest to strip things away. Anywho I was looking into something and there was mention of apps possibly falling back to system DNS so I found /etc/resolv.conf where I changed my DNS system on my 3 currently operational pi’s to access DNS like this.

Edit: I fixed some editing and hopefully made the commands more clear

This was bolded (I guess putting the comment marker first in the line makes it bold) but inside of the conf file at /etc/resolv.conf I changed it from,

Generated by NetworkManager

nameserver 9.9.9.9 To

Generated by NetworkManager

nameserver 172.16.1.50 # Primary Pi-hole

nameserver 172.16.1.52 # Secondary Pi-hole

nameserver 149.112.121.30 # Canadian DNS (CIRA Canadian Shield: Protected)

I also needed to add this to the end of /etc/unbound/unbound.conf.d/pi-hole.conf

This is for Canadian and psuedo-Canadian backups.

forward-zone:

name: “.”

forward-addr: 149.112.121.10 # CIRA Canadian DNS

forward-addr: 9.9.9.10 # Quad9 Canadian (with filtering)

forward-first: no

I get into computer projects and find ways to one up myself, I wish I could say I crash tested everything the old fashioned way but I have used ChatGPT to crash test things. Only because I do not have a computer with a strong enough graphics card to run a local LLM and breaking one thing could set me back hours or even days.

  • ErableEreinte@lemmy.ca
    10·
    3 days ago

    Per their website:

    As a non-profit that engages with a number of stakeholder groups across Canada’s internet, CIRA believes that transparency is essential to good governance.

    They also detail their compensation and expenses further down that page.

    • Avid Amoeba@lemmy.ca
      11·
      3 days ago

      So you’re saying it’s safe to use their DNS without worrying much about data collection? 😂 I like it.

      • Reannlegge@lemmy.caOPEnglish
        3·
        3 days ago

        Being non profit in Canada does mean stuff about their income, Quad9 Canada is a US nonprofit so they are not into looking to sell your data but they are from the US. I do not like my data being seen by others as that is why CIRA is third in the list and Quad9 is forth in the list.