<.
NixNet DNS<p>In short:
</p>
<ul>
<li>Haproxy TCP/HTTP logs are disabled.
No IP addresses are collected.</li>
<li>Unbound debug logs are enabled (verbosity: 1).</li>
<li>Query amounts coming specifically from the DNS-over-TLS server aren’t counted.</li>
<li>Website/DNS-over-HTTPS gateway’s NGINX logs are disabled.</li>
</ul>
<p>To elaborate on Unbound’s verbosity, if you have it installed, you can run <code>man unbound.conf</code>, search <code>verbosity</code> and read it yourself.
More human-readably .
.
.
</p>
<ul>
<li>Level 0 only outputs errors</li>
<li>Level 1 gives high-level operational information (debug logs)</li>
<li>Level 2 gives detailed debug logs</li>
<li>Level 3 shows the admin what queries are going through Unbound</li>
<li>Level 4 gives lower-level algorithm information</li>
<li>Level 5 logs client information</li>
</ul>
<p>There’s no warranty, no uptime assurance, etc.
so I recommend using multiple resolvers.
that also improves privacy because the DNS queries are spread across multiple providers.
</p>
<p>You can see Unbound's configuration file on Gitea.
That's what I'm using in production.
</p> Retrieved from ‘https://docs.nixnet.services/index.php?title=NixNet_DNS/Privacy&oldid=1360’