Those running Unbound DNS, and likely anyone on PiHole (which uses Unbound), can already benefit from talking to the fastest upstream DoT/DoH providers, and may configure the balance or preference without leaking the same name to each provider, if I am understanding the diagram and documentation correctly regarding SmartDNS. Unbound can passively keep track of how fast each upstream provider is [1], supports DoT/DoH (if DoH support was compiled in), and can forward specific zones to non-DoT if required.
server:
    fast-server-num: 4
    fast-server-permil: 200
    # CA bundle used to verify the #name on each forwarder; adjust the path for your distribution
    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"
forward-zone:
    name: "."
    # without this, queries to the @853 addresses are sent as plain DNS rather than TLS
    forward-tls-upstream: yes
    forward-addr: 74.82.42.42@853#ordns.he.net
    forward-addr: 45.67.219.208@853#dot.la.ahadns.net
    forward-addr: 185.235.82.82@853#b.ns.dnslify.com
    forward-addr: 141.95.160.38@853#geo.dnswarden.com
    forward-addr: 146.255.56.98@853#dot1.applied-privacy.net
    forward-addr: 144.202.69.149@853#adblockdot.us.dnswarden.com
In the above example we balance across the 4 fastest of those providers 200 out of 1000 times. Using DoT examples, as not every Linux distribution compiles in DoH support.

[1] https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound... [search for fast-server-permil]
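A check worth running on a forward-zone like the one above before trusting it (an added example, not the commenter's config or anything shipped with Unbound): `@853` forwarders only speak TLS when the zone also sets `forward-tls-upstream: yes`, and the `#name` part is only verified when `server:` supplies a CA bundle. The two embedded configs and the bundle path are constructed assumptions.

```python
import re
# Constructed sample: the forward-zone as posted above, with no forward-tls-upstream
# and no CA bundle in server:, plus one forwarder that omits its #authname.
BROKEN_CONF = """\
server:
    fast-server-num: 4
forward-zone:
    name: "."
    forward-addr: 74.82.42.42@853#ordns.he.net
    forward-addr: 45.67.219.208@853
"""
# Same zone with what DoT actually needs (the bundle path is an assumption; it varies by distro).
FIXED_CONF = BROKEN_CONF.replace(
    "server:\n", 'server:\n    tls-cert-bundle: "/etc/ssl/certs/ca-certificates.crt"\n'
).replace("forward-addr: 45.67.219.208@853",
          "forward-tls-upstream: yes\n    forward-addr: 45.67.219.208@853#dot.la.ahadns.net")
def parse_sections(text):
    """Minimal unbound.conf reader: a 'name:' line opens a section, 'key: value' fills it."""
    sections = []  # list of (section_name, {key: [values]}) in file order
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # blank or full-line comment
            continue
        if line.endswith(":"):                 # "server:" or "forward-zone:"
            sections.append((line[:-1], {}))
            continue
        key, _, value = line.partition(":")    # '#' after the value is an authname, not a comment
        sections[-1][1].setdefault(key.strip(), []).append(value.strip().strip('"'))
    return sections

def lint_dot(text):
    """Report forwarders that will not actually get authenticated DoT."""
    sections = parse_sections(text)
    server = {k: v for name, opts in sections if name == "server" for k, v in opts.items()}
    have_ca = "tls-cert-bundle" in server or server.get("tls-system-cert", ["no"])[0] == "yes"
    findings = []
    for name, opts in sections:
        if name != "forward-zone":
            continue
        zone = opts.get("name", ["?"])[0]
        tls = opts.get("forward-tls-upstream", ["no"])[0] == "yes"
        for addr in opts.get("forward-addr", []):
            ip, port, auth = re.fullmatch(r"([^@#]+)(?:@(\d+))?(?:#(.+))?", addr).groups()
            if (port or "53") == "853" and not tls:
                findings.append(f"{zone}: {ip} targets port 853 but forward-tls-upstream is not yes")
            if tls and not auth:
                findings.append(f"{zone}: {ip} has no #authname, so the certificate is not checked")
            if tls and auth and not have_ca:
                findings.append(f"{zone}: {ip} names {auth} but server: has no CA bundle to verify it")
    return findings
```

Run `lint_dot()` over your own unbound.conf text; an empty list means every 853 forwarder is both TLS and name-verified.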
I have been looking into DNS quite a bit lately (Unbound, etc.), as DNS lookup performance has been pretty subpar lately. I'm in Perth, Australia, and we're pretty remote, so our latency is meh at best, and Cloudflare performance has been all over the shop lately (I think they're having issues in WA). DNS can also cause real routing issues here sometimes, as we get better latency to Singapore than Sydney, so we might get shunted off to SG.
I've also been using dnscrypt-proxy2 (https://github.com/DNSCrypt/dnscrypt-proxy) for a while, but the above issues with Cloudflare's DNS are what triggered me to look into other options.
I use a min-cache-ttl of 15 minutes, which seems to work well.
Thank you for sharing this tip, looking into this now :).