Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    USING DNS OVER TLS WITH FIBER

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 483 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JMV43 0
      last edited by

      Upgrading to fiber from basic cable, it is Metronet, I understand they use cgnat. Have some questions.

      1. Can I use DNS over TLS?
      2. Can I use DNS Resolver?
      3. Or just use pfBlocker.
      4. If I use a static IP can I use the above.

      Thanks
      JMV

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @JMV43 0
        last edited by johnpoz

        @JMV43-0 cgnat doesn't prevent you from talking to anything on the public net. What you can not do when your on a cgnat IP is normally allow for any unsolicited inbound traffic, unless they set that up for you for specific ports, etc.

        But if you want to ask say quad9 for dns, or for dns over https (doh) or dns over tls (dot) that should not be a problem. Nor should you have any problem just resolving dns..

        Unless of course this isp blocks dns to anything other than their dns servers, etc. But cgnat in general shouldn't effect your ability to talk to anything on the public internet. Be it just some website or email server or dns..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        J 1 Reply Last reply Reply Quote 0
        • J
          JMV43 0 @johnpoz
          last edited by

          @johnpoz I see, thank you very much for your response. I've tried to do my research but had those doubts. Thanks again.

          JMV

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @JMV43 0
            last edited by

            @JMV43-0 you know how your router at home nats your public IP to your rfc1918 address. CGnat is like that - the nat is just done in the isp network, and then your router nats the cgnat space 100.64/10 (normally) to your rfc1918 space 192.168/16,10/8 or 172.16/12

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.