I have set up a port forward to force all DNS queries to be resolved locally, like so:
interface: LAN
source: any
source port: any
destination: !LAN net (inverted)
destination port: 53
nat IP: 127.0.0.1
nat port: 53
To test this, I changed the DNS on my wired LAN desktop to Cloudflare's 1.1.1.1, then did an nslookup of google.com, and it returned that it was using server: one.one.one.one (1.1.1.1) instead of 192.168.0.1 as it should.
Any idea why?
TCP+UDP?
Good question, yes "TCP/UDP"
Are you sure it is not working? As far as nslookup is concerned, it is asking 1.1.1.1, but that doesn't mean that the reply is coming from there.
A good way to check is to query a local DNS record - if a correct reply is received, then the redirect must be working, because Cloudflare would not know about the local DNS record.
Alternatively, turn on logging on your rules and watch the traffic when a request is made.
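As an added example (not from the thread), a small Python probe that implements the check described in this reply: it sends an A query for an assumed LAN-only name (nas.lan, a placeholder) straight to 1.1.1.1 and judges from the answer whether the gateway's resolver replied instead. build_answer constructs replies so the decision logic can be exercised offline.

```python
import socket, struct, ipaddress

def build_query(name, qid=0x1234):
    """Minimal DNS A query in wire format (RD=1, one question)."""
    hdr = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))
    return hdr + qname + b"\x00" + struct.pack(">HH", 1, 1)

def build_answer(query, ip=None, rcode=0):
    """Constructed reply for offline testing: echo the question, add one A record if ip is given."""
    hdr = query[:2] + struct.pack(">HHHHH", 0x8180 | rcode, 1, 1 if ip else 0, 0, 0)
    body = query[12:]
    if ip:  # owner name as a compression pointer to offset 12, TTL 300, rdlength 4
        body += b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + ipaddress.IPv4Address(ip).packed
    return hdr + body

def parse_a_records(resp):
    """Return (rcode, [A-record IPs]) from a DNS response, handling compressed names."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", resp[:12])
    def skip_name(o):
        while resp[o] != 0:
            if resp[o] & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
                return o + 2
            o += 1 + resp[o]
        return o + 1
    off = 12
    for _ in range(qd):
        off = skip_name(off) + 4  # skip qtype + qclass
    ips = []
    for _ in range(an):
        off = skip_name(off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", resp[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(str(ipaddress.IPv4Address(resp[off:off + 4])))
        off += rdlen
    return flags & 0xF, ips

def verdict(resp):
    """Only the local resolver can answer a LAN-only name with a private address."""
    rcode, ips = parse_a_records(resp)
    if rcode == 3 or not ips:  # NXDOMAIN or empty: a public resolver answered
        return "not-redirected"
    return "redirected" if all(ipaddress.ip_address(i).is_private for i in ips) else "inconclusive"

def probe(name="nas.lan", server="1.1.1.1", timeout=3.0):
    """Send the query to a public resolver; with the NAT rule in place the gateway answers instead."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _ = s.recvfrom(512)
    return verdict(data)
```

Run `probe()` from a LAN host: "redirected" means the NAT rule intercepted the packet, "not-redirected" means 1.1.1.1 really answered (NXDOMAIN for a name only the gateway knows).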
Great call! I didn't realize that's how it works, but I'm sure you're right, it just prints what's registered, not what's happening. Turning the forward off creates failures finding local domains, and turning it on, successes, so all is good again 👍