https://man.openbsd.org/unwind.8 uses libunbound; it detects whether local DHCP DNS is working, works correctly with captive portals, and supports opportunistic or strict DNSSEC.
The blog post gives some hints at what it does differently but makes odd claims about unbound not working with captive portals, which I've never had any problems with. But maybe I've just been on well behaved networks or something. Look forward to this being done and ported.
It depends how your unbound is configured. In my case, I have unbound running on my laptop configured as a recursive resolver; i.e: it will not query the DHCP provided DNS.
In networks with captive portals, the DHCP provided DNS will have a record for a URL where the user has to enter credentials or at the very least agree to the terms and conditions. Very often though, that URL only resolves locally, so in my setup the captive portal setup doesn't work seamlessly.
I'm always surprised this conference isn't larger, it always has a wide breadth of low-level technical C/systems talks, with a mix of Unix/networking sysadmin content.
This was discussed in https://news.ycombinator.com/item?id=19738313 in April