Purpose: Capture the architecture, basic operation, and recent statistics of my self‑hosted DNS filtering setup.
Overview
I’ve been running my own DNS resolver for the past ≈ 2 years. It’s a hobby‑grade service deployed on servers in several regions, heavily customized to stay reliable on diverse networks and ISP environments. Whenever the resolver is rolled out to a new region, I manually update the blocklist with region‑specific ads and trackers. I’ve recently started collecting statistics for the first time.
Why I’m measuring
Capturing query volumes and block rates gives me confidence that the filter is doing its job, helps spot regressions quickly, and provides concrete data I can share with anyone interested in the project.
What the resolver does
- Receives DNS queries from my devices (and a few trusted friends’ devices).
- Looks up the requested domain, then applies a locally maintained blocklist that filters out ads, trackers, and known malicious sites.
- Returns the safe IP address (or a “blocked” response) back to the requester.
Current Performance Snapshot
- Initial run (≈ 1 day) – 3,750 queries, 14.3 % blocked.
- Extended run (≈ 12 days) – 36,708 queries, 23.98 % blocked.
The first measurement was based on only a single day of traffic, so the blocked‑query rate appeared lower. The larger data set from the extended run gives a more realistic picture of everyday usage.
Combined totals across both runs:
- Total DNS look‑ups handled: 40,458
- Queries blocked by the custom blocklist: 9,342
- Blocked‑query rate: ≈ 23 % (about 1 in 4 look‑ups is stopped)
What the numbers tell us
The blocked‑query rate is higher now than the very first single‑day test (which showed only 14 % blocked). The increase is not due to a sudden surge in malicious traffic; it simply reflects a larger, more representative data set spanning multiple regions and a longer observation window.
Take‑away for anyone reading this
My personal DNS service is actively filtering a significant portion of unwanted traffic while remaining fast and reliable across multiple locations. The recent numbers reflect a more accurate measurement thanks to the expanded data collection, not a change in threat level.
I’ll be extending the service to another region soon. New ads, trackers, and malicious sites appear daily, so I’ll keep the blocklist up‑to‑date.
I’m hoping that documenting this data set will sharpen my documentation skills for future projects. If you have suggestions on additional metrics to track or ways to strengthen this write‑up, please let me know.
Weekly performance tracking (planned)
I intend to capture a brief performance snapshot once per week. Each entry will include:
- Date range (e.g., 2025‑10‑01 → 2025‑10‑07)
- Total DNS queries processed during the week
- Blocked queries and the resulting blocked‑query rate
- Any notable anomalies (spikes, new blocklist additions, configuration changes)
These weekly notes will be appended to this document, creating a chronological log that can be reviewed for trends, regression detection, and capacity planning.
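One way to generate these weekly entries from a query log. This is an added example, not the tooling behind this resolver. The log line format, the function name `weekly_snapshots`, and the 5-point threshold for flagging a rate shift are all assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample log. Assumed line format (not from the post):
# "<ISO timestamp> <client> <qname> <ALLOWED|BLOCKED>"
SAMPLE_LOG = """\
2025-10-01T08:00:01 10.0.0.2 example.org ALLOWED
2025-10-01T08:00:02 10.0.0.2 tracker.example.com BLOCKED
2025-10-03T12:10:00 10.0.0.3 example.net ALLOWED
2025-10-06T23:59:59 10.0.0.2 example.org ALLOWED
2025-10-08T00:00:00 10.0.0.3 tracker.example.com BLOCKED
2025-10-09T09:30:00 10.0.0.3 ads.example.net BLOCKED
2025-10-10T10:00:00 10.0.0.2 example.org ALLOWED
this line is malformed and is skipped
"""


def weekly_snapshots(log_text, start, shift_points=5.0):
    """Bucket queries into 7-day windows from `start`; one dict per week."""
    weeks = {}  # week index -> running counters
    for line in log_text.splitlines():
        parts = line.split()
        try:
            ts = datetime.fromisoformat(parts[0])
            qname, action = parts[2].lower().rstrip("."), parts[3]
        except (IndexError, ValueError):
            continue  # malformed line: skip it rather than skew the counts
        if action not in ("ALLOWED", "BLOCKED") or ts < start:
            continue
        w = weeks.setdefault((ts - start).days // 7,
                             {"total": 0, "blocked": 0, "domains": Counter()})
        w["total"] += 1
        if action == "BLOCKED":
            w["blocked"] += 1
            w["domains"][qname] += 1
    entries, prev_rate = [], None
    for idx in sorted(weeks):
        w, first = weeks[idx], start + timedelta(days=7 * idx)
        rate = round(100.0 * w["blocked"] / w["total"], 1)
        entries.append({
            "range": f"{first:%Y-%m-%d} → {first + timedelta(days=6):%Y-%m-%d}",
            "total": w["total"], "blocked": w["blocked"], "rate_pct": rate,
            "top_blocked": w["domains"].most_common(3),
            # Flag a shift versus the previous week that had any traffic.
            "anomaly": prev_rate is not None and abs(rate - prev_rate) > shift_points,
        })
        prev_rate = rate
    return entries
```

The `top_blocked` field gives a starting point for the "notable anomalies" line: a flagged week whose top blocked names are new usually traces back to a blocklist addition or a new client.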
Example entry (Week 1 – 2025‑10‑01 → 2025‑10‑07)
- Total DNS queries: 12,340
- Blocked queries: 2,950
- Blocked‑query rate: 23.9 %
- Observation: Added a new blocklist entry for tracker.example.com; no adverse effects observed.