maxell182
Hi, thanks for responding.
I don’t really need to install a whole DNS server (recursive + root + TLD + authoritative) like Pi-Hole, I just need the authoritative DNS server, and so I was planning to use something lighter like NSD (https://www.nlnetlabs.nl/projects/nsd/about/). My reason for this is that I have a top-level domain that is visible on the internet; it is registered with GoDaddy. Unfortunately GoDaddy DNS is quite bad, notably the API is closed, and thus implementing dynamic DNS, amongst other things, is either impossible or just a chore. If I was able to self-host the authoritative DNS server (i.e. self-hosting the DNS records for my website), I would be able to do a lot more and wouldn’t be reliant on GoDaddy for that. Of course, I could use another DNS server like Cloudflare or such, but it wouldn’t be as fun as hosting it myself :)
However, the authoritative DNS server communicates via port 53, and thus it seems that I am screwed with the Sunrise router not allowing me to forward it.
Though what you mentioned is quite interesting. I already have a VPN set up; at the time when I set up my home lab, I simply bought a domain, and thus my whole home services are visible on the internet with my domain name, not very secure or private I must admit. Indeed, if I had a whole DNS server like Pi-Hole, I could connect via VPN and then use the self-hosted DNS to resolve local domain names on my home network. It would be far more secure and private, I feel.
I might just explore that, though I won’t give up on my already registered top-level domain. I’ll experiment with setting up an email address next and perhaps switch to Cloudflare or something for more flexibility.
Thanks again for your message, I’ll also have a read about the port 53 vulnerabilities you linked.
Have a great day!