Public DNS Resolvers
Breakdown of the top Public DNS Resolvers and their features, especially as it relates to security.
Malware Blocking"
Cloudflare - "Malware blocking, EDNS, DNSoTLS, DNSSEC
1.1.1.2
1.0.0.2
EDNS Enabled"
Quad9 - "Malicious blocking, EDNS, DNSoTLS+DNSCrypt, DNSSEC
9.9.9.11
149.112.112.11
Main Resolvers
OpenDNS -EDNS, DNSCrypt, DNSSEC, SmartCache (last known good)
208.67.222.222
(resolver1.opendns.com)208.67.220.220
(resolver2.opendns.com)
EDNS, DNSoTLS, DNSSEC
8.8.8.8
8.8.4.4
Two Encryption Technologies
DNS over TLS
DNSCrypt
For Android
I've recently started using AdGuard on my Android device. It supports DNS over TLS/HTTPS servers with parallelization.
Here's the servers I use via their Custom Server option:
sdns://AQAAAAAAAAAADjIwOC42Ny4yMjAuMjIwILc1EUAgbyJdPivYItf9aR6hwzzI1maNDL4Ev6vKQ_t5GzIuZG5zY3J5cHQtY2VydC5vcGVuZG5zLmNvbQ
tls://1.1.1.2
tls://dns11.quad9.net
tls://dns.google
In order, these are:
- OpenDNS w/DNSCrypt (see Adguard Known Servers List)
- Cloudflare "Block Malicious" DNS-over-TLS
- Quad9 Block Malicious, DNSSEC, EDNS DNS-over-TLS
- Google DNS-over-TLS
See also, https://techsmix.net/dnscrypt-on-the-edgerouter-lite/