Protect Your Privacy With Unbound
In addition to DNS over HTTPS, Firewalla supports another DNS service to help you keep your network traffic secure: Unbound. Unbound is a validating, recursive, caching DNS resolver installed locally on the Firewalla box. It prevents a single DNS server from having all your DNS records, increasing your online privacy and security.
How does Unbound work?
Unbound is a DNS resolver server that processes DNS queries from client devices and provides the corresponding IP addresses (while DNS-over-HTTPS (DoH) is a DNS protocol that can be used to talk to DNS resolvers).
- Unbound uses DNSSec to validate DNS results and prevent man-in-the-middle attacks. Because Unbound is a DNS resolver, it will connect to different DNS servers for other domains, preventing modifications to DNS replies.
- Unbound doesn't encrypt DNS traffic.
- Unbound will talk to root DNS servers directly, ensuring no one DNS server has a full record of your DNS queries.
When should I use Unbound?
Unbound is valuable whenever you want to protect your digital privacy. More specifically, it's useful when you don't want a single DNS server to know where you're going and you don't want your DNS queries to be modified.
How do I enable Unbound?
Unbound is part of Firewalla's DNS Service feature. To apply Unbound to your devices, tap the 'DNS Service' button at the bottom of your box's main page, toggle Unbound on, and select the devices, groups, or networks to apply it to.
As part of the 1.52 app release, you can also now send DNS requests over VPN instead of your ISP to protect your privacy further. To enable Unbound over VPN, you must have a VPN Client connection configured on your Firewalla and be using Unbound. Watch a video tutorial or read more about this feature in our 1.52 App Release Notes.
Can I use Unbound with other DNS services?
While you can't run two different DNS services at the same time on one device, you can enable different DNS services at the same time on different devices. For example, you can run DoH for your laptop while running Unbound for your tablet.
For a more comprehensive guide to the range of DNS services Firewalla offers, read our article on Firewalla DNS Services.
This is part of our Firewalla Weekly Newsletter. You can sign up here https://firewalla.com/weekly.