OPNsense Forum

English Forums => General Discussion => Topic started by: Gianry on October 13, 2024, 05:35:40 PM

Title: Which is the right DNS configuration
Post by: Gianry on October 13, 2024, 05:35:40 PM
I have a fiber link over PPPoE. My OPNsense router is the DHCP server.

On every client in my LAN, I can see in the NIC settings that the DNS field has the router's IP address.

Under System / Settings / General, "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked.

At Interfaces / Overview / WAN, in the routes field, I can see my ISP's DNS servers and a Google address. I have not set the Google address.

Please help me to achieve the best configuration.

Thanks

Title: Re: Which is the right DNS configuration
Post by: viragomann on October 13, 2024, 08:33:20 PM
Which settings are best for you depends on your own predilections.


Quote from: Gianry on October 13, 2024, 05:35:40 PM
On every client in my LAN, I can see in the NIC settings that the DNS field has the router's IP address.
So your devices use Unbound on OPNsense for resolving names.

Unbound uses DNS root servers for its lookups.

Quote from: Gianry on October 13, 2024, 05:35:40 PM
Under System / Settings / General, "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked.
Note that the servers you entered here are used by OPNsense itself only.

Quote from: Gianry on October 13, 2024, 05:35:40 PM
At Interfaces / Overview / WAN, in the routes field, I can see my ISP's DNS servers and a Google address. I have not set the Google address.
Possibly the Google server was pushed by your ISP. You can check the system log after reconnecting to verify this.

If you don't want to use the root servers but a specific server instead, you can configure DNS forwarding in the Unbound section.
You can also configure Unbound to forward requests to DNS over TLS. This would ensure that your ISP can neither redirect nor read your DNS communication.

Note that the ISP could redirect unencrypted requests to any other server without leaving traces.
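
Added example (not part of the forum posts, and not OPNsense's generated configuration): the two forwarding modes discussed above, written as raw `unbound.conf` directives. The resolver addresses, the `dns.example.net` name and the CA bundle path are placeholders and assumptions.

```conf
# (a) Plain forwarding: queries leave in cleartext on port 53, so any
#     device on the path can read them or answer in the resolver's place.
#     Shown commented out for comparison with (b).
# forward-zone:
#     name: "."
#     forward-addr: 192.0.2.53            # placeholder resolver address

# (b) Forwarding over TLS (DoT) with the upstream certificate verified.
server:
    # CA bundle used to validate the resolver's certificate.
    # The path is an assumption; use the bundle shipped with your system.
    tls-cert-bundle: "/etc/ssl/cert.pem"

forward-zone:
    name: "."                             # forward every query
    forward-tls-upstream: yes             # speak TLS to the forwarders
    # Format: address@port#auth-name
    # The name after '#' is matched against the certificate. Without it,
    # the session is encrypted but any certificate name is accepted.
    forward-addr: 192.0.2.53@853#dns.example.net   # placeholder
    forward-addr: 192.0.2.54@853#dns.example.net   # placeholder
```

With only (b) configured, Unbound sends nothing to the root servers or to the ISP's resolvers on port 53. A redirect by the ISP then shows up as failed TLS verification instead of silently succeeding.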