the point of changing the ISP DNS server

der_crazy · January 11, 2023, 05:17:52 PM

Hello everyone.

Last year I had a discussion w/ a friend of mine regarding setup and changing DNS servers and I want to hear the opinion of this forum to the following topic:

Everywhere I see advertisement for open DNS server, DNS server with adblocking, DoT or similar techniques... but, no matter which server I set up in my OPNsense, when I start a traceroute the first packed always goes out to my ISP and AFTER that, the next package went to my defined DNS server. But compared to some websites like ipleak.net or similar, I just see my defined DNS Server.

So whats the correct interpretation of this whole DNS Server topic and even how to test if DoT did even work, when the first package goes to the ISP unencrypted maybe?!

regards

chemlud · January 11, 2023, 05:56:13 PM

DoT comes with unbound, pick your preferred servers.

For testing DNS

https://ipleak.net/

https://www.dnsleaktest.com/results.html

https://cmdns.dev.dns-oarc.net/

der_crazy · January 15, 2023, 08:33:39 PM

Hello again.

Thx for the reply on how to test the services.

Did anybody has an answer to my initial question about the change onf DNS servers and the first packed travelling to the ISP?

regards

cookiemonster · January 15, 2023, 09:13:52 PM

Unbound will do its thing when a client sends it a dns query. Please verify that the client is sending the queries to it. Be aware some browsers with recent releases come with built in bypasses.
Please check your setup for dns for the system, for unbound and the dhcp server settings.
It'll be easier to assist if you shared the way these are setup and what client you are using to test and how.

the point of changing the ISP DNS server

der_crazy

January 11, 2023, 05:17:52 PM

chemlud

January 11, 2023, 05:56:13 PM #1

der_crazy

January 15, 2023, 08:33:39 PM #2

cookiemonster

January 15, 2023, 09:13:52 PM #3