Reddit refugee. I do things with servers and security.
DO NOT run a public DNS resolver. It’ll get used as part of a DNS amplification attack, and your system will be used to DDoS somebody else.
The only viable solutions here are to either have OP’s friends VPN all traffic through OP’s network (there might be a way to use split tunneling to reduce total traffic used, though I’m just spitballing here), to deploy hardware locally on their network, or to use a public solution. Everything else is going to be a security risk.
It certainly can. The VMUG subscription helps out there a little, but it’s definitely a little pricey.
I run a few older things.
In my rack, I have:
Upstairs I have another 48-port Juniper EX220, and I plan to fill most of the ports with 4+ Ethernet drops to every room in my house, plus extras for WAPs, cameras, and remote sensors.
I also use Ruckus R710s for wireless connectivity; I have two right now, and plan to eventually get one of the outdoor-rated Ruckus WAPs to mount on my chimney since WiFi coverage gets a little sparse when you get halfway across my yard.
I was remarking to a friend the other day that I’ve managed to build myself a pretty stellar setup for the early 2010s, at a fraction of the cost it would have taken back then. Though it definitely eats lots of power!
No worries, I just wanted to make very sure that the risks for #1 were properly understood.
VPN might be able to work with split tunneling, but I haven’t tried it myself. It’d probably be more complicated than it’s worth!
I’d also lean towards the public AdGuard servers in this case, for the same reason! I’m happy to field certain calls from friends and family, but I don’t want to get the “my internet isn’t working!” calls at 2am-- I get enough of those from work! 😁