I am trying to find out what option would be the most beneficial for my privacy. I want my DNS queries to be encrypted so ISP can’t see what I do online.
My understanding is that VPNs encrypt source-destination data requests. But I also want to make use of the trackers/ads blocking of AdGuard Home. What should I do to achieve the best privacy available for me?
This is my understanding of how each of these works:
VPN + AdGuard Home (DoT)
client -> AdGuard Home (DoT) -> VPN -> Destination
ISP and VPN can’t see my DNS requests, but knows that I am using DoT
VPN + AdGuard Home (DNS is set to VPN’s DNS)
client -> AdGuard Home (VPN's DNS) -> VPN -> Destination
ISP can’t see anything about my DNS requests
VPN w/o AdGuard Home
client -> VPN -> Destination
Only VPN can see my DNS requests
Did I misunderstand something? Or is it correct? Or is there a better option out there? Ty