'Stubby' is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS
). Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy
resolver increasing end user privacy.
Stubby is in the early stages of development but is suitable for technical/advanced users. A more generally user-friendly version is on the way!
Since Stubby is part of the getdns project - the reference page for how to get up and running with Stubby has moved to the getdns website:
Stubby Reference Guide
As always, bugs or feature requests can be directed to either
Other ways to run a privacy daemon are:
- Run Unbound as a local forwarder using the ssl_upstream option to encrypt outgoing queries. This is provides a local caching resolver but at the moment Unbound doesn't fully support RFC7766 as a client and so you may not see the same performance as from Stubby (which pipelines queries).
- Work is in progress to enable knot resolver to work in this mode too