• mac@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    18 days ago

    Depends, do you have pihole/unbound setup to only recursively resolve? Or do you forward requests to an upstream (either as a fallback or just as a primary). If that’s the case, and depending on your threat model, you’ll want to set up DoH or DoT as your DNS requests will be forwarded in plaintext

    • DynamoSunshirtSandals@possumpat.io
      link
      fedilink
      English
      arrow-up
      1
      ·
      18 days ago

      Fortunately I set up unbound ages ago, and disabled every other upstream option in my pi.hole. However, I imagine that still “leaks” some information about my DNS queries, just indirectly – it’s not like my pi.hole has every domain mapped all the time!