
If you want a speed and privacy increase while… well, being on the internet, setting up a local DNS server is an important first step.

For an introduction to DNS, see the top of my DNS service page.

I’ll cover how to set up Unbound on Linux in this tutorial. As mentioned here, you can install it on Windows too. If you are interested in privacy, consider switching to Linux (especially if you’re not planning on gaming, Linus…)

The DNS server we’ll be using, Unbound, caches DNS queries using Redis for fast resolutions.

Contents
1 Background
2 Installation
3 Configuration
3.1 Changing resolver
3.1.1 Without GUI (Linux)
4 Running
5 Captive portals

Background

Using third-party DNS resolvers (e.g. 1.1.1.1) poses a security and privacy risk. When using Linux (especially Arch), the default is probably to use your Wi-Fi’s DNS. That’s a disaster.

The DNS server you use can log and track you each time you visit a website. By default on many low-level Linux distros, a DNS cache isn’t used. This worsens the problem.

I offer a DNS service, physically located in Scandinavia (i.e. speed will only beat 1.1.1.1’s if you’re physically near me, as they have servers all around the globe), with guarantees to never collect any data. If you don’t trust me or Cloudflare (provider of 1.1.1.1), I’ll show you how to set up your own Unbound server, just as I have it configured.

Installation

Install the packages redis and unbound. These should be available in your package manager. These are the package names pacman uses.

Configuration

Next, let’s configure Redis.

In /etc/redis/redis.conf, change the line hz 10 to hz 2 and add the line maxmemory 67108864 (2^26 B, 64 MiB) after # maxmemory <bytes>.
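One way to confirm both Redis edits are actually in effect, added here as an example and not part of the original tutorial; the function names are hypothetical and the sample config is constructed. It goes slightly beyond the text by also accepting Redis's unit suffixes (such as 64mb) for maxmemory.

```sh
#!/bin/sh
# Added example (not from the original page): check that the redis.conf edits took effect.

# Effective value of a directive: comment lines are skipped, names are matched
# case-insensitively, and the last uncommented occurrence wins.
redis_conf_value() {    # $1 = config file, $2 = directive name (lowercase)
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == key { val = $2 }
        END { if (val != "") print val }' "$1"
}

# Convert a Redis memory value (67108864, 64mb, 64m, ...) to bytes.
# Redis units: k/m/g are powers of 1000, kb/mb/gb are powers of 1024.
to_bytes() {
    v=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    n=${v%%[a-z]*}; unit=${v#"$n"}
    case "$n" in ''|*[!0-9]*) return 1 ;; esac
    case "$unit" in
        '') mult=1 ;;
        k)  mult=1000 ;;
        kb) mult=1024 ;;
        m)  mult=1000000 ;;
        mb) mult=1048576 ;;
        g)  mult=1000000000 ;;
        gb) mult=1073741824 ;;
        *)  return 1 ;;
    esac
    echo $((n * mult))
}

# Returns 0 only if hz is 2 and maxmemory is 64 MiB, the values from the tutorial.
check_redis_conf() {    # $1 = config file
    rc=0
    hz=$(redis_conf_value "$1" hz)
    mem=$(redis_conf_value "$1" maxmemory)
    [ "$hz" = "2" ] || { echo "hz: got '${hz:-unset}', want 2" >&2; rc=1; }
    bytes=$(to_bytes "${mem:-0}") || bytes=invalid
    [ "$bytes" = "67108864" ] || { echo "maxmemory: got '${mem:-unset}', want 67108864" >&2; rc=1; }
    return $rc
}

# Constructed sample of an edited config; point check_redis_conf at
# /etc/redis/redis.conf to check the real file.
sample=$(mktemp)
printf '%s\n' 'hz 2' '# maxmemory <bytes>' 'maxmemory 67108864' > "$sample"
check_redis_conf "$sample" && echo "redis.conf edits OK"
rm -f "$sample"
```

A common slip this catches is leaving the maxmemory line commented out, in which case the check reports it as unset.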

In /etc/unbound/unbound.conf, change the following lines. I state the value (by default commented out in the config) and what the line should contain. These are all in the server section.

# This can sometimes help if you don't have IPv