Public DNS Resolvers
Breakdown of the top Public DNS Resolvers and their features, especially as it relates to security.
Malware blocking, EDNS, DNSoTLS, DNSSEC
Malicious blocking, EDNS, DNSoTLS+DNSCrypt, DNSSEC
EDNS, DNSCrypt, DNSSEC, SmartCache (last known good)
EDNS, DNSoTLS, DNSSEC
Two Encryption Technologies
DNS over TLS
I've recently started using AdGuard on my Android device. It supports DNS over TLS/HTTPS servers with parallelization.
Here's the servers I use via their Custom Server option:
sdns://AQAAAAAAAAAADjIwOC42Ny4yMjAuMjIwILc1EUAgbyJdPivYItf9aR6hwzzI1maNDL4Ev6vKQ_t5GzIuZG5zY3J5cHQtY2VydC5vcGVuZG5zLmNvbQ tls://220.127.116.11 tls://dns11.quad9.net tls://dns.google
In order, these are:
- OpenDNS w/DNSCrypt (see Adguard Known Servers List)
- Cloudflare "Block Malicious" DNS-over-TLS
- Quad9 Block Malicious, DNSSEC, EDNS DNS-over-TLS
- Google DNS-over-TLS