diff --git a/etc/unbound/unbound.conf.d/dns-over-tls.conf b/etc/unbound/unbound.conf.d/dns-over-tls.conf
index 9f429d47..14b2a0c5 100644
--- a/etc/unbound/unbound.conf.d/dns-over-tls.conf
+++ b/etc/unbound/unbound.conf.d/dns-over-tls.conf
@@ -1,57 +1,29 @@
-# NOTE! Requires Unbound 1.7.3 or newer!
-# Based on https://www.ctrl.blog/entry/unbound-tls-forwarding.html
-#
-# NOTE! You might also be interested in cache.conf, ipv6.conf and
-# threads.conf
-# You should already have qname-minimisation.conf and
-# root-auto-trust-anchor-file.conf at least on Debian.
-
 server:
 	# Debian ca-certificates location
 	tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
 	# Fedora location
 	#tls-cert-bundle: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
 
-# Hopefully a reasonable set of non-filtering servers including those
-# listening on 443, preferably Anycast, but not necessarily.
-#
-# This list is mainly selfdogdfed on servers (so not being in Finland
-# is not a concern and local devices are using Mullvad (Adblock for own, nonfiltering
-# for shared family (need discount ads), Adguard filtered for 2006 print server)
-# (Also I cannot rename this file due to it being linked around))
+# This list is for my travel laptop to have at least one DoT443 server
+# which seems to be applied-privacy.net. They advice having multiple DoT servers
+# for redundancy and as they don't filter, it's best I use other non-filtering ones.
 
 forward-zone:
 	name: "."
 	forward-tls-upstream: yes
 
-	# Quad9 - Anycast, Switzerland based
-	# Non filtering "insecure" servers without DNSSEC, but that is done
-	# by Unbound locally anyway.
-	forward-addr: 2620:fe::fe:10@853#dns10.quad9.net
-	forward-addr: 9.9.9.10@853#dns10.quad9.net
-	forward-addr: 2620:fe::10@853#dns10.quad9.net
-	forward-addr: 149.112.112.10@853#dns10.quad9.net
-
-	# Cloudflare DNS - anycast
-	forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
-	forward-addr: 1.1.1.1@853#cloudflare-dns.com
-	forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
-	forward-addr: 1.0.0.1@853#cloudflare-dns.com
-
-	## DNS-over-TLS on port 443, no filtering. Mainly useful for traveling
-	## laptops?
 	# https://appliedprivacy.net/services/dns/ - Vienna, Austria
-	#forward-addr: 2a02:1b8:10:234::2@443#dot1.applied-privacy.net
-	#forward-addr: 146.255.56.98@443#dot1.applied-privacy.net
+	forward-addr: 2a02:1b8:10:234::2@443#dot1.applied-privacy.net
+	forward-addr: 146.255.56.98@443#dot1.applied-privacy.net
 
-	# Adguard DNS Unfiltered Anycast
-	forward-addr: 2a10:50c0::1:ff@853#dns-unfiltered.adguard.com
-	forward-addr: 2a10:50c0::2:ff@853#dns-unfiltered.adguard.com
-	forward-addr: 94.140.14.140@853#dns-unfiltered.adguard.com
-	forward-addr: 94.140.14.141@853#dns-unfiltered.adguard.com
+	# https://www.dns0.eu/open https://www.dns0.eu/network - French based. Private ECS
+	forward-addr: 193.110.81.254@853#open.dns0.eu
+	forward-addr: 185.253.5.254@853#open.dns0.eu
+	forward-addr: 2a0f:fc80::ffff@853#open.dns0.eu
+	forward-addr: 2a0f:fc81::ffff@853#open.dns0.eu
 
-	# NextDNS - anycast
-	forward-addr: 45.90.28.0@853#dns1.nextdns.io
-	forward-addr: 2a07:a8c0::@853#dns1.nextdns.io
-	forward-addr: 45.90.30.0@853#dns2.nextdns.io
-	forward-addr: 2a07:a8c1::@853#dns2.nextdns.io
+	# Adguard DNS Unfiltered Anycast. Malta based. Private ECS.
+	forward-addr: 2a10:50c0::1:ff@853#unfiltered.adguard-dns.com
+	forward-addr: 2a10:50c0::2:ff@853#unfiltered.adguard-dns.com
+	forward-addr: 94.140.14.140@853#unfiltered.adguard-dns.com
+	forward-addr: 94.140.14.141@853#unfiltered.adguard-dns.com