<i>Do not use undelegated domain names like .lan, .home, .homenet, .homegroup, .network, nor should you make up your own domain name. If you use a made-up domain name, then DNS requests may go unfulfilled by your router and it forwards them to the global DNS root servers.</i><p>Adding for completeness sake one can ignore this if they run their own DNS at home and add their custom local domain as private. An example of telling Unbound DNS that a domain is local [1]:<p><pre><code> private-domain: "hotmess"
local-data: "my.hotmess. 1d IN A 10.10.10.10"
local-data-ptr: "10.10.10.10 1d my.hotmess."
local-zone: "use-application-dns.net." always_nxdomain
dig my.hotmess
my.hotmess. 86400 IN A 10.10.10.10
;; Query time: 0 msec
</code></pre>
<i>No root servers were harmed in this demonstration</i><p>The potential side-effect would be that DoH hosts that do not query "use-application-dns.net" or ignore it will not be able to resolve this. There are pros and cons to this and one must judge for themselves if this is acceptable. As a side note, if people wish to reduce the load on the root servers then consider running your own DNS server and also tuning every OS and DNS library to prefer either ipv4 or ipv6 first, whichever one makes the most requests for and remove search domains. This alone can cut out over 30% of all DNS requests.<p>[1] - <a href="https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html#unbound-conf-private-domain" rel="nofollow">https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound...</a>