Stubby is the name given to a mode of using getdns which enables it to act as a local DNS-over-TLS stub resolver. It is recommended to use the latest release of the 1.1 version of getdns to have the most up to date version of Stubby.
In this mode Stubby (getdns) does several things
- Runs as a daemon
- By default obtains its configuration information from the configuration file at /etc/stubby.conf
- Can be configured to listen on the loopback address and send all outgoing DNS queries received on that address out over TLS to a DNS Privacy server
- Can be configured with authentication information for DNS Privacy servers and instructed to use either a 'Strict' or an 'Opportunistic' Profile as described in Authentication and (D)TLS Profile for DNS-over-(D)TLS