Breakdown of the top Public DNS Resolvers and their features, especially as it relates to security.
Cloudflare - "Malware Blocking"
Malware blocking, EDNS, DNSoTLS, DNSSEC
1.1.1.2
1.0.0.2
Quad9 - "EDNS Enabled"
Malicious blocking, EDNS, DNSoTLS+DNSCrypt, DNSSEC
9.9.9.11
149.112.112.11
OpenDNS - Main Resolvers
EDNS, DNSCrypt, DNSSEC, SmartCache (last known good)
208.67.222.222
(resolver1.opendns.com)208.67.220.220
(resolver2.opendns.com)
EDNS, DNSoTLS, DNSSEC
8.8.8.8
8.8.4.4
Cloudflare 1.1.1.1 for Families
1.1.1.3
1.0.0.3
DoH - https://family.cloudflare-dns.com/dns-query
OpenDNS FamilyShield
208.67.222.123
208.67.220.123
DoH - https://doh.familyshield.opendns.com/dns-query
Adguard Family Protection
94.140.14.15
94.140.15.16
DoH - https://family.adguard-dns.com/dns-query
I've recently started using AdGuard on my Android device. It supports DNS over TLS/HTTPS servers with parallelization.
Here's the servers I use via their Custom Server option:
sdns://AQAAAAAAAAAADjIwOC42Ny4yMjAuMjIwILc1EUAgbyJdPivYItf9aR6hwzzI1maNDL4Ev6vKQ_t5GzIuZG5zY3J5cHQtY2VydC5vcGVuZG5zLmNvbQ
tls://1.1.1.2
tls://dns11.quad9.net
tls://dns.google
In order, these are:
- OpenDNS w/DNSCrypt (see Adguard Known Servers List)
- Cloudflare "Block Malicious" DNS-over-TLS
- Quad9 Block Malicious, DNSSEC, EDNS DNS-over-TLS
- Google DNS-over-TLS
See also, https://techsmix.net/dnscrypt-on-the-edgerouter-lite/