I wrote this because I got tired of my home DNS being a single point of failure.
The setup is a mix of hardware: one local instance runs on Proxmox/Docker, and the second is on a Raspberry Pi running OpenWrt. Having that split across different host OSs ensures that a single hypervisor update doesn't take out the whole network.
The third instance is on a Debian VPS for mobile filtering. To avoid the battery drain of a constant VPN tunnel, I use this instance directly with Quad9 as the upstream. It's secured via strict client IP whitelisting in the AdGuard config to prevent it from being used as an open resolver.
Latency has been negligible on the VPS side, and the redundancy at home has saved my skin during several Proxmox reboots.
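An added example, not part of the original post: a small audit of the client allowlist that keeps a public instance like the VPS one from answering arbitrary sources. It assumes the `allowed_clients` and `disallowed_clients` keys of AdGuard Home's `dns` config section and that a non-empty allowlist takes precedence; the function names and sample addresses are constructed for illustration, and ClientID entries are not modelled.

```python
import ipaddress

# Constructed sample `dns` sections (addresses are documentation ranges).
OPEN = {"allowed_clients": [], "disallowed_clients": []}
LOCKED = {"allowed_clients": ["203.0.113.10", "198.51.100.0/28"],
          "disallowed_clients": []}


def _networks(entries):
    """Yield (entry, network) for entries that parse as an IP or CIDR."""
    for entry in entries or []:
        try:
            yield entry, ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # e.g. a ClientID; not modelled here


def _matches(client, entries):
    ip = ipaddress.ip_address(client)
    return any(ip.version == net.version and ip in net
               for _, net in _networks(entries))


def is_allowed(client, dns_cfg):
    """Assumed precedence: a non-empty allowlist is the only thing consulted."""
    allowed = dns_cfg.get("allowed_clients") or []
    if allowed:
        return _matches(client, allowed)
    return not _matches(client, dns_cfg.get("disallowed_clients"))


def audit(dns_cfg):
    """Return findings that would leave a public instance answering anyone."""
    allowed = dns_cfg.get("allowed_clients") or []
    findings = []
    if not allowed:
        findings.append("allowed_clients is empty: any source IP may query")
    for entry, net in _networks(allowed):
        if net.prefixlen == 0:
            findings.append(f"{entry} matches every address")
    return findings


if __name__ == "__main__":
    for name, cfg in (("OPEN", OPEN), ("LOCKED", LOCKED)):
        print(name, audit(cfg), is_allowed("192.0.2.55", cfg))
```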