unbound

Use unbound to fix firefox so DoH doesn’t work

DoH takes away my ability as an administrator to admin my machines. It should not bypass what I have configured for my operating system. Someone may need this (VERY debatable), but it isn’t me.

Setting up firefox to not use DoH might be possible, but I want other assurances as well. Here’s how to do it in unbound.

Use a local-zone and always return nxdomain.

local-zone: "use-application-dns.net." always_nxdomain

Use a local-zone and set it to static.

local-zone use-application-dns.net static