Recently, I’ve started to rethink my DNS setup a bit and am trying to think about which one to use. I’m currently debating which one to choose and need a bit of help. I want one that is more of a set and forget setup where I don’t need to configure anything and I can just leave it without having to worry about it.
The three DNS providers I’m leaning towards are ControlD Free DNS Servers (Family Friendly), Mullvad (Family) and Cloudflare (1.1.1.3).
All of them have around if not the same feature set, but where they kinda differ is the blocklists that they use, and this is where I kinda need help and advice on which one to pick.
NextDNS can be added to this list too. It lets you set multiple blocklists — folks usually go with HaGeZi plus something region-, platform-, or preference-specific.
That’s genuinely cool that you don’t consider creating multiple accounts to use them per device — I also try not to do that kind of cheating.
I’m far from being an expert here, but if we consider that people are right to choose HaGeZi, it’s worth mentioning that they recently launched their own DNS — if the region works for you.
Looks interesting, but it being only in the EU doesn’t seem great to me. After thinking for a bit, I think I’m going to stick with my ControlD paid plan and just set up a set and forget configuration so I don’t have to tweak anything on the dashboard.
If you just want “set and forget” without any of the more advanced features of ControlD, in my opinion you would probably be better served by using their free resolvers instead, since nothing can be attributed to your account/payment details in that case.
I use a paid plan, but I also have thousands of custom rules, redirects, etc., and check logs frequently. If you’re not doing that, then just use the free endpoints.
Originally I was using that exact tool, but it’ll time out and error if set to push the blacklist to Zero Trust too fast. I ended up setting the timeout to 1 sec; the whole push took around 20 min to finish without error, but in that 20 min there’s no blocking since it deleted the old list first on Zero Trust before pushing the new updated list. I ended up setting the GitHub cron runner to run just once daily at my local nighttime to prevent dealing with the leaking while I’m using my devices.
The current one I’m using first caches the old list before pushing, so no leaking, plus it’s blazing fast, around 30 sec to finish. The old one also uses npm, a nightmare to keep track of the 10+ packages it needed, plus nowadays npm is being pwned left and right. The new one uses Python, without needing any third-party package whatsoever to pull on each run. I can now set the GitHub cron runner to every hour just because there’s no leaking, no surprise ads while I’m browsing the web.
If Cloudflare raises the Zero Trust list limit to 1 million or even 500k I’ll be happier, but I’m not complaining about the current 300k limit; beggars can’t be choosers.
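The gap described in the last post (old list deleted before the new one is pushed) comes down to the order of operations. The sketch below is an added example, not part of the thread and not the code of either tool mentioned: it plans an update against an in-memory model of the lists and measures how many still-wanted domains stay blocked at the worst moment. The op names, the `bl-`/`tmp-` list names, the cap value and the idea that one update can add and remove entries of a list together are assumptions; no Cloudflare API is called.

```python
import itertools
LIST_CAP = 1000  # assumed per-list entry cap; set it to your plan's real limit

def naive_plan(current, desired, cap=LIST_CAP):
    """Leaky order: delete every old list, then upload the new one in chunks."""
    new = sorted(desired)
    return ([("delete", n) for n in sorted(current)] +
            [("create", f"tmp-{i // cap:03d}", set(new[i:i + cap]))
             for i in range(0, len(new), cap)])

def plan_sync(current, desired, cap=LIST_CAP):
    """Gap-free order: patch lists in place, create extras, delete emptied lists last."""
    pending = sorted(desired - set().union(*current.values()))
    fresh = (f"bl-{n:03d}" for n in itertools.count() if f"bl-{n:03d}" not in current)
    patches, deletes = [], []
    for name in sorted(current):
        kept, stale = current[name] & desired, current[name] - desired
        room = max(0, cap - len(kept))
        add, pending = pending[:room], pending[room:]
        if not kept and not add:
            deletes.append(("delete", name))       # nothing wanted lives here
        elif add or stale:
            patches.append(("patch", name, set(add), stale))
    creates = [("create", next(fresh), set(pending[i:i + cap]))
               for i in range(0, len(pending), cap)]
    return patches + creates + deletes

def replay(current, ops, desired):
    """Replay ops on a copy; return (final lists, worst-case carried-over coverage)."""
    state = {k: set(v) for k, v in current.items()}
    carried = set().union(*state.values()) & desired   # blocked before, still wanted
    worst = len(carried)
    for op in ops:
        if op[0] == "delete":
            del state[op[1]]
        elif op[0] == "create":
            state[op[1]] = set(op[2])
        else:                                      # patch: add and remove together
            state[op[1]] = (state[op[1]] - op[3]) | op[2]
        worst = min(worst, len(set().union(*state.values()) & carried))
    return state, worst

# Constructed sample data (a cap of 3 keeps it readable).
OLD = {"bl-000": {"ads.example", "track.example", "old.example"},
       "bl-001": {"gone1.example", "gone2.example"}}
NEW = {"ads.example", "track.example", "a.example", "b.example", "c.example"}
if __name__ == "__main__":
    for plan in (naive_plan, plan_sync):
        print(plan.__name__, replay(OLD, plan(OLD, NEW, cap=3), NEW)[1])
```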