Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
DNS hijacking by provider
« previous
next »
Print
Pages: [
1
]
Author
Topic: DNS hijacking by provider (Read 433 times)
Wibbling
Newbie
Posts: 7
Karma: 0
DNS hijacking by provider
«
on:
August 10, 2024, 09:48:28 am »
I have an opnsense box with two connections. One the fibre line, the other a 4g modem.
When the fibre fails, the router falls back to the 4g.
This all works without issue.
However, when the 4g takes over, it rams in it's own DNS server, forcing safesearch which I don't want and which takes nigh a day to clear once the fibre is returned.
I've configured the Cloudflare DNS servers under System/Settings/General (why are they not under the actual interfaces as you'd expect them to be?) and these seemingly have no effect.
I've a pihole locally (behind the opnsense) for local DNS. Ideally I have opnsense use that for everything, only going out to the internet to a defined DNS server - regardless of interface I use) when pihole doesn't know.
I do have Unbound DNS enabled, but only to forward queries.
Clearly I am doing something wrong. If someone could point me toward how to resolve this I'd be very grateful.
Logged
meyergru
Hero Member
Posts: 1700
Karma: 167
IT Aficionado
Re: DNS hijacking by provider
«
Reply #1 on:
August 10, 2024, 09:59:33 am »
If your ISP intercepts DNS requests, it does not matter which DNS servers you configure for unencrypted DNS queries.
Try DoT instead
, Cloudflare offers that as well.
Logged
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005
1100 down / 440 up
,
Bufferbloat A+
bimbar
Sr. Member
Posts: 435
Karma: 25
Re: DNS hijacking by provider
«
Reply #2 on:
August 11, 2024, 06:39:03 pm »
Perhaps " Allow DNS server list to be overridden by DHCP/PPP on WAN " is active?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
DNS hijacking by provider