Confused about AGH+Unbound+OPNSense DNS Leak Results

[fbeye]

So, one on side everything says it is working good and correct, on the other when I do DNS LEAKE test it says "exposed and leaking and ISP can see everything" and yet the DNS Servers listed are nothing to do with my ISP.

Your DNS requests are exposed!
Whoever runs your DNS servers can log every website you visit.
162.244.53.198
i3D.net B.V
United States
United States
172.70.213.95
CloudFlare Inc.
United States
United States
162.244.53.202
i3D.net B.V
United States
United States
172.70.205.51
CloudFlare Inc.
United States
United States
172.70.205.233
CloudFlare Inc.
United States
United States

[OPNenthu]

Which site are you using to test?  I noticed many of the VPN affiliated ones tend to scare monger.

I like this one: https://www.dnsleaktest.com/

As long as you don't see your ISP's DNS there, I think you're not 'leaking'.  The trouble is with the definition of 'leak'... not having one doesn't mean the ISP can't see your queries.  It just means that you aren't unintentionally sending queries to your ISP.

Whoever runs your DNS servers can log every website you visit.

True.  Also, the ISP can inspect DNS queries even if you don't use theirs.  They can also see which IPs you connect to and infer your traffic that way.

But in this context, I think the site you're using is probably trying to sell you something that would enable them to log your queries.

[fbeye]

At this moment I do not recall which site... but using the one you mentioned, I do not see anything regarding my ISP or its DNS. I know there is no true safe resolution, but just wanted to at least make sure my I doubt was "working" as good as its able.