@drahardja there's no way to get a full copy of all the DNS zones and keep them in sync, but it would probably be terabytes of data honestly.
The only thing you can do is run a VPS / colocated server somewhere and tunnel your DNS traffic to that server, but the communication between that server and the DNS roots / authoritative NSes will always be unencrypted.
So whoever runs your colo/VPS network and the parties in between will always be able to see your queries and its source IP -- possibly including your REAL source IP or at least the subnet of the originating request because of EDNS Client Subnet, which is important for directing you to the nearest server based on your geographic location.
The metadata leaks of who made the DNS query are not going away anytime soon.
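
What anyone on the path between a resolver and an authoritative server can read when a query carries EDNS Client Subnet, as an added example that is not part of the original post: it builds a constructed upstream query (example.com with documentation-range subnets) and parses the ECS option as laid out in RFC 7871. The function names are hypothetical.

```python
import ipaddress
import struct

ECS, OPT = 8, 41  # EDNS option code for Client Subnet (RFC 7871); OPT pseudo-RR type

def build_query(name, client_subnet=None):
    """Constructed sample: an A query as a recursive resolver might send upstream."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)               # QTYPE=A, QCLASS=IN
    if client_subnet is None:
        return struct.pack("!6H", 0x1234, 0, 1, 0, 0, 0) + question
    net = ipaddress.ip_network(client_subnet)
    addr = net.network_address.packed[:(net.prefixlen + 7) // 8]  # only prefix bytes are sent
    body = struct.pack("!HBB", 1 if net.version == 4 else 2, net.prefixlen, 0) + addr
    option = struct.pack("!HH", ECS, len(body)) + body
    opt_rr = b"\x00" + struct.pack("!HHIH", OPT, 1232, 0, len(option)) + option
    return struct.pack("!6H", 0x1234, 0, 1, 0, 0, 1) + question + opt_rr

def skip_name(msg, pos):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[pos] != 0:
        if msg[pos] & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return pos + 2
        pos += 1 + msg[pos]
    return pos + 1

def leaked_subnet(msg):
    """Return the client subnet carried in the query's ECS option, or None."""
    qd, an, ns, ar = struct.unpack("!4H", msg[4:12])
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4                          # skip QTYPE + QCLASS
    for _ in range(an + ns + ar):
        pos = skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos, end = pos + 10, pos + 10 + rdlen
        while rtype == OPT and pos + 4 <= end:                 # walk EDNS options
            code, olen = struct.unpack("!HH", msg[pos:pos + 4])
            if code == ECS:
                family, src_len, _scope = struct.unpack("!HBB", msg[pos + 4:pos + 8])
                raw = msg[pos + 8:pos + 4 + olen].ljust(4 if family == 1 else 16, b"\x00")
                return f"{ipaddress.ip_address(raw)}/{src_len}"
            pos += 4 + olen
        pos = end
    return None

if __name__ == "__main__":
    for subnet in ("203.0.113.0/24", "2001:db8:abcd::/48", None):
        print(subnet, "->", leaked_subnet(build_query("example.com", subnet)))
```

Running `leaked_subnet` over captured upstream queries from your own resolver shows whether it forwards client subnets at all, and at what prefix length.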