When you install IPFire, you configure DNS name servers either manually or get them assigned via DHCP from your provider.
In this section you can take some very important settings how your system and networks will use the Domain Name System.
This option allows you to enable or disable the usage of your local ISP-assigned DNS servers.
As default this feature is enabled and can not be used together with TLS.
If you want to use the DNS servers of your ISP anyway, you can still add them manually along with the required TLS hostname information to get them to work.
This dropdown box allows to specify the protocol which will be used to send DNS queries to
the used DNS servers.
The following protocols can be selected:
The choosen protocol will be the same for all used servers.
For those of you who are running IPFire in a school or at home with children, you can now enable Safe Search for multiple search engines and YouTube. If Safe Search is enabled, all adult and violent content will be filtered in the search results.
For more details see "How does Safe Search work" blog article
To protect your privacy, the DNS proxy inside IPFire strips away any part of the domain name that is not required to resolve the query.
This feature is enabled by default and can be switched from the standard to the stricter mode which works according to RFC 7816, but might make some records unresolvable if the upstream name server does not respond according to the standard.