Use DNS from PIA or CloudFlare/Google?

Hey guys, I set up a Raspberry Pi for a VPN tunnel and redirected traffic through there on certain devices.

Should we be using PIA or CloudFlare 1.1.1.1 or Google’s 8.8.8.8 for DNS?

It all depends on what you’re using the VPN for.

You should always use PIA’s DNS, or for that matter, whenever using a VPN, use that specific provider’s DNS. If you don’t trust PIA’s DNS for whatever reason, then don’t use PIA. By using Google’s DNS you’re sort of defeating the purpose of the VPN, especially with things such as device/browser fingerprinting. Also, like Google, CloudFlare has been known to log and sell user data.

Another comment mentioned using Quad9. It’s a good service but again I would use PIA’s DNS when using the VPN.

Use PIA’s. Always. Google it.

I would recommend always using PIA DNS, but if your VPN speed is super slow because of the VPN, then using a third-party DNS from CloudFlare would be a good choice. Just make sure that you know the risks of using a custom DNS other than PIA’s.

I currently reside in Southeast Asia; every morning and late evening the internet becomes super slow even with a VPN. Switching to CloudFlare DNS is like night and day.

Because I live in Asia, using a custom DNS other than PIA’s isn’t too risky, but if you are living in the States, that’s another story.

Be safe!

If you’re concerned about CloudFlare logging your traffic, I wouldn’t put too much stock into this but knowledge is power.

"By changing your DNS server to 1.1.1.1, you’re channeling your traffic to 1.1.1.1, and not your ISP. Cloudflare says it won’t log your IP address with 1.1.1.1, and the firm seems committed to that promise.

While it doesn’t log your IP address, the outfit does log anonymized DNS query data. According to its Commitment to Privacy, Cloudflare states that the only information it will collect are “anonymized DNS query data sent to the Cloudflare Resolver”. Some of that information is logged permanently, including the number of queries, unique users, and an aggregated list of all domain names requested.

While the firm won’t give this information to third-party advertisers, Cloudflare’s partner, APNIC, will be using the information for non-profit operational research, including being able to better understand DNS and to reduce DDoS attacks.

One thing to keep in mind when using 1.1.1.1 is that while your ISP can’t see your DNS traffic when you visit sites that use HTTPS, it can still view the contents on any unencrypted website i.e. sites that are HTTP rather than HTTPS. There’s also the obvious issue of having to trust Cloudflare and APNIC not to record your information."

Source → VPN vs Cloudflare DNS: Which is best for privacy?

I suggest IBM’s Quad9 DNS! They’re more geared for security and as Google is more about collecting data > privacy, don’t give them any more!

Don’t use third-party DNS

Either use PIA or roll your own server

I have the same question. I use the PIA app on my PC but I have my router set to use Cloudflare and Quad9.

What DNS am I really using? PIA or Cloudflare / Quad9?

The reason I set this up is that I have devices that don’t use PIA and I didn’t want those devices to go through my ISP’s DNS.

Thanks.

For me PIA DNS is blocked on certain websites and when accessing certain links. For instance Reddit links in the macOS mail app do not resolve in Safari if clicked while using PIA DNS. If I switch to CloudFlare DNS those blocks disappear. I think certain websites are blocking elements of PIA VPN including their DNS servers. The cases are rare but very glaring when you click a link and it says “server not found” when you know good and well the website in question is up and running.

This depends on your setup. I am going to assume your router isn’t set to force all devices within your network to use whatever DNS you’ve specified regardless of any specific device settings. So, in this case any device that is connected to PIA and has the setting to use PIA’s DNS enabled will use PIA DNS. Any device that isn’t connected to PIA will use whatever DNS you’ve specified for that device since you’re using more than one DNS.

You might want to connect each device one by one and do a DNS leak test to make sure it’s set up how you want it.
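A local first check to run on each device before the DNS leak test, as an added example that is not part of the original thread: it reads resolver configuration in resolv.conf format (Linux/macOS) and flags any configured resolver that is not the one the VPN app reports. The `expected` address `10.8.0.1` and the sample file are constructed placeholders, and the check only shows what is configured, so it does not replace the leak test.

```python
import ipaddress

PUBLIC_RESOLVERS = {  # public addresses of the services named in this thread
    "1.1.1.1": "Cloudflare", "1.0.0.1": "Cloudflare",
    "8.8.8.8": "Google", "8.8.4.4": "Google",
    "9.9.9.9": "Quad9", "149.112.112.112": "Quad9",
}

# Constructed sample in resolv.conf format, not taken from a real host.
SAMPLE = """\
nameserver 10.8.0.1
nameserver 1.1.1.1   # set by hand
nameserver 192.168.1.1
nameserver 127.0.0.53
"""

def parse_nameservers(text):
    """Return nameserver addresses in file order, skipping comments."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def classify(addr):
    """Label an address as a named public resolver, local stub, private or other."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    if str(ip) in PUBLIC_RESOLVERS:
        return "public:" + PUBLIC_RESOLVERS[str(ip)]
    if ip.is_loopback:
        return "local-stub"  # e.g. a caching stub; the real upstream is set elsewhere
    return "private" if ip.is_private else "other"

def audit(text, expected):
    """Compare configured resolvers with `expected`, the set the VPN app reports."""
    findings = []
    for addr in parse_nameservers(text):
        kind = classify(addr)
        if addr in expected:
            verdict = "expected"
        elif kind in ("local-stub", "private"):
            verdict = "check-upstream"  # a forwarder: its own upstream setting decides
        else:
            verdict = "unexpected"
        findings.append((addr, kind, verdict))
    return findings
```

Call `audit(open("/etc/resolv.conf").read(), expected={...})` with the VPN tunnel up; a `check-upstream` row means the address is a router or local stub whose own upstream setting decides where queries go.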