The Domain Name System (DNS), according to Cloudflare, is the phone book of the internet.
DNS is the system that takes easy-to-remember website names like "youtube.com" or "google.com" and converts them into a form that computers can understand (an IP address). When you type "youtube.com" into your web browser, your computer likely asks your Internet Service Provider (ISP) if they know who "youtube.com" is. If your ISP has a record for "youtube.com", they will reply with an IP address and your computer will ask YouTube (via their IP address) to send their website to your computer.
Ads embedded within websites are usually served with addresses that need to be resolved with DNS!
This means that if we can stop our computers from getting the IP addresses for the Ad servers, we can stop our computers from downloading ads in the first place! That means our goal is to set up a system that blocks DNS lookups for sites we don't want (Ad servers), while allowing lookups for sites we do want.
When choosing a publicly available DNS server to use, there are a few things to consider:
Why do these things matter?
Every request to a new website has to go through the chosen DNS server to get resolved into an IP address. This means that you have to wait for the DNS response to come back from the DNS server before your computer can start loading the website you want.
Normally, your ISP, which is local to you, handles DNS requests coming from devices on your network. However, when you change the default DNS server, you can end up choosing a server that is far away. If your DNS server is located across the globe from you, resolving requests will take longer than if your DNS server were local, and this can make browsing the web feel sluggish.
Your choice of DNS server can also affect what content is allowed and what content is blocked.
For example, there are some DNS servers that explicitly block adult content. This can be desirable if you have young kids at home and want to avoid mishaps with them accidentally being served this content or going to adult sites.
This type of blocking can be a problem, though, if you want to be able to navigate to adult content on your home network. Also, sometimes normal sites you use can be included in the server's "blocked" list. When using a public DNS server, you don't have the ability to granularly adjust what is available and what is blocked. This is a situation where hosting your own server may be desirable.
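The blocking goal described earlier (refuse lookups for ad servers, allow everything else) and the per-site override that hosting your own server makes possible, as an added Python example that is not part of the original guide. The hosts-style list format, the sample domains and all function names are assumptions made for illustration.

```python
# Added example: decision logic of a filtering DNS resolver (all names hypothetical).
SINKHOLE = "0.0.0.0"  # non-routable answer handed back for blocked names

# Constructed sample blocklist in hosts-file style, a common format for ad lists.
BLOCKLIST_TEXT = """
# constructed sample entries
0.0.0.0 ads.example.net
0.0.0.0 tracker.example.org
0.0.0.0 cdn.shop.example.com   # a normal site caught by the list
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are consistent."""
    return name.strip().lower().rstrip(".")

def parse_hosts_blocklist(text):
    """Return the set of domains named in hosts-style lines, ignoring comments."""
    blocked = set()
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2:  # first field is the address, the rest are names
            blocked.update(normalize(p) for p in parts[1:])
    return blocked

def matches(name, domains):
    """True if the name itself or any parent domain of it is in the set."""
    labels = normalize(name).split(".")
    return any(".".join(labels[i:]) in domains for i in range(len(labels)))

def decide(name, blocked, allowed):
    """Allowlist wins over blocklist; anything unlisted is forwarded upstream."""
    if matches(name, allowed):
        return "forward"
    if matches(name, blocked):
        return SINKHOLE
    return "forward"

BLOCKED = parse_hosts_blocklist(BLOCKLIST_TEXT)
ALLOWED = {"cdn.shop.example.com"}  # local override for the wrongly blocked site

if __name__ == "__main__":
    for q in ["ads.example.net", "img.ads.example.net.", "ADS.Example.NET",
              "cdn.shop.example.com", "notads.example.net", "youtube.com"]:
        print(f"{q:24} -> {decide(q, BLOCKED, ALLOWED)}")
```

Matching is done label by label rather than by substring, so "notads.example.net" is not caught by the "ads.example.net" entry while its subdomains are.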
Lastly, it is important to be able to trust your chosen DNS server due to privacy and security concerns.
Because your computer has to make a DNS request in order to get a website's IP address, your DNS server can track what websites you visit. Additionally, a malicious server could give you an incorrect website IP address that takes you to malicious sites without your knowledge. While the risk of malicious DNS servers is lower when using reputable servers, the risk of DNS servers aggregating and selling your usage data is high.
Now that we have a DNS server prepared (either public or self-hosted), we need to configure our network to actually use this server.
Visit the Network Configuration Guide for help on how to do that!
H.T.S.G. by Aesistril is licensed under CC BY-NC-SA 4.0