https://www.pistack.xyz/tags/dot/Recent content in Dot on Pi StackHugoen-usThu, 16 Apr 2026 00:00:00 +0000https://www.pistack.xyz/posts/self-hosted-dns-over-tls-resolver-stubby-unbound-knot-2026/Thu, 16 Apr 2026 00:00:00 +0000https://www.pistack.xyz/posts/self-hosted-dns-over-tls-resolver-stubby-unbound-knot-2026/<p>Every DNS query your devices send travels in plain text by default. That means your ISP, network administrator, or anyone with access to the network path can see every domain you look up. DNS-over-TLS (DoT) fixes this by encrypting the entire DNS conversation inside a TLS tunnel on port 853, the same cryptographic protection you get from HTTPS.</p>