nicholas/showcase
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Created BIND9 README.md

Browse Source
This commit is contained in:
nicholasmanios
2020-03-18 18:54:46 -04:00
parent bdf6c90524
commit 192df8152f
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
aries/bind/README.md Normal file
View File

@@ -0,0 +1,12 @@
# BIND9
Keeping true with the _router replacement_ this deployment of BIND9 named DNS server was mainly to define local hosts and forward requests to public DNS servers. I opted to use _dns.watch_ for my public resolver due to being uncensored and fast with the added benifit of no logging and DNSSEC availability. It has IPv6 capabilities, but my ISP doesn't support IPv6 well enough yet.
Some additional features that I included with my BIND9 deployment, is a DNS level ad-blocking function. It works the same way as any normal hostfile block, except it will effect all devices on my network (now you see why my firewall routes all public DNS servers to me).
In the (near) future I am planning on deploying an nginx config to allow DoT/DoH (DNS over TLS/HTTPS) to my DNS server.
In the config, you will notice that I server DNS records for 2 zones:
`secmayl.com`
`manios.ca`
However, the config is extended with `include "/usr/local/etc/namedb/sinkhole.conf";` This config file is dynamic and changes every time my script to get a new set of ad-block domains. The script is kind of half-working (also on my todo list), but works well enough to block ~80% of ads.