Still using 53 despite configuring 853
-
I have DNS servers configured to be 1.1.1.1 and 1.0.0.1.
I also have DNS resolver enabled (listening on 53 on the LAN interface and All outgoing network interfaces). Custom options include the following:
local-data: "local.lan. 10800 IN SOA pfsense.local.lan. root.local.lan. 1 3600 1200 604800 10800"
server:
    private-domain: "plex.direct"
    include: /var/unbound/pfb_dnsbl.*conf
forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: 1.1.1.1@853
    forward-addr: 1.0.0.1@853
    forward-addr: 9.9.9.9@853
    forward-addr: 149.112.112.112@853
I ran a packet capture and went to a few random sites. The results show Google DNS servers being used on 53.
I restarted the dnsmasq service, flushed Windows DNS, and Chrome DNS.
I'm not sure what else to configure to ensure using DNS over TLS. Any help would be appreciated.
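The two things worth checking in this situation are the forward-zone itself and what the packet capture actually shows. The script below is an added example, not code from the thread or from pfSense/unbound: it parses a forward-zone block written in unbound's syntax (the forward-addr lines above, reproduced here as constructed sample input), flags the usual DoT configuration gaps, and then buckets tcpdump-style summary lines into DoT connections, DoT attempts that never got a reply (which is what a firewall rule dropping 853 looks like in a capture), plaintext port-53 traffic to a configured forwarder (the resolver itself not using TLS) and plaintext traffic to any other server (a client bypassing the resolver). The capture lines and the hosts in them (203.0.113.10 as the firewall's WAN address, 192.168.1.50 as a LAN client) are constructed, not taken from the original post.

```python
import re
from collections import defaultdict

# Constructed sample: the forward-zone part of the custom options from the post,
# laid out one directive per line as unbound reads them.
UNBOUND_CUSTOM_OPTIONS = """
server:
  private-domain: "plex.direct"
forward-zone:
  name: "."
  forward-ssl-upstream: yes
  forward-addr: 1.1.1.1@853
  forward-addr: 1.0.0.1@853
  forward-addr: 9.9.9.9@853
  forward-addr: 149.112.112.112@853
"""

# Constructed tcpdump -nn style lines (hypothetical hosts: 203.0.113.10 is the firewall's
# WAN address, 192.168.1.50 a LAN client). Not a real capture from the thread.
CAPTURE_LINES = [
    "10:00:01.000001 IP 203.0.113.10.41000 > 1.1.1.1.853: Flags [S], seq 100, win 65535, length 0",
    "10:00:01.010000 IP 1.1.1.1.853 > 203.0.113.10.41000: Flags [S.], seq 200, ack 101, win 65535, length 0",
    "10:00:01.500000 IP 203.0.113.10.41001 > 9.9.9.9.853: Flags [S], seq 300, win 65535, length 0",
    "10:00:02.500000 IP 203.0.113.10.41001 > 9.9.9.9.853: Flags [S], seq 300, win 65535, length 0",
    "10:00:03.000001 IP 192.168.1.50.60001 > 8.8.8.8.53: 12345+ A? example.com. (29)",
    "10:00:03.100000 IP 192.168.1.50.60002 > 8.8.4.4.53: 12346+ AAAA? example.com. (29)",
    "10:00:04.000001 IP 203.0.113.10.41002 > 1.0.0.1.53: 12347+ A? example.org. (29)",
]

# unbound syntax: forward-addr: IP[@port][#authname]; port defaults to 53 when omitted
FORWARD_ADDR_RE = re.compile(r"forward-addr:\s*(\S+?)(?:@(\d+))?(?:#(\S+))?\s*$")
# tcpdump -nn summary: "IP src.sport > dst.dport:" (IPv4 only in this example)
CAPTURE_RE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")


def parse_forward_zones(text):
    """Return forward-zone dicts: {'name', 'ssl', 'addrs': [(ip, port, authname)]}."""
    zones, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("forward-zone:"):
            current = {"name": None, "ssl": False, "addrs": []}
            zones.append(current)
        elif line.startswith("server:"):
            current = None  # back in the server: section, ignore until the next zone
        elif current is None or not line:
            continue
        elif line.startswith("name:"):
            current["name"] = line.split(":", 1)[1].strip().strip('"')
        elif line.startswith("forward-ssl-upstream:"):
            current["ssl"] = line.split(":", 1)[1].strip().lower() == "yes"
        else:
            m = FORWARD_ADDR_RE.match(line)
            if m:
                ip, port, auth = m.groups()
                current["addrs"].append((ip, int(port) if port else 53, auth))
    return zones


def lint_forward_zone(zone):
    """Checks to run before trusting that a zone really leaves the box over TLS."""
    findings = []
    if not zone["ssl"]:
        findings.append("forward-ssl-upstream is not 'yes': queries go out in the clear on port 53")
        return findings
    for ip, port, auth in zone["addrs"]:
        if port != 853:
            findings.append(f"{ip}@{port}: TLS upstream but port is not 853")
        if auth is None:
            findings.append(f"{ip}@{port}: no #authname, so the upstream certificate is not "
                            "checked against a server name (encrypted but unauthenticated)")
    return findings


def parse_capture(lines):
    """Return unique (src, sport, dst, dport) tuples in first-seen order (retransmits collapse)."""
    packets = []
    for line in lines:
        m = CAPTURE_RE.search(line)
        if m:
            t = (m.group(1), int(m.group(2)), m.group(3), int(m.group(4)))
            if t not in packets:
                packets.append(t)
    return packets


def audit_dns_flows(packets, zones):
    """Bucket outbound DNS flows by what they tell you:
       dot                 - tcp/853 and a reply packet from the server was seen
       dot-unanswered      - tcp/853 attempt with no reply (a firewall dropping 853 looks like this)
       plaintext-forwarder - port 53 to a configured forwarder: the resolver itself is not using TLS
       plaintext-bypass    - port 53 to any other server: a client is not using the resolver at all
    """
    forwarders = {ip for z in zones for ip, _, _ in z["addrs"]}
    seen = set(packets)
    report = defaultdict(list)
    for src, sport, dst, dport in packets:
        if dport == 853:
            key = "dot" if (dst, 853, src, sport) in seen else "dot-unanswered"
        elif dport == 53:
            key = "plaintext-forwarder" if dst in forwarders else "plaintext-bypass"
        else:
            continue  # reply packets and unrelated traffic
        report[key].append((src, dst))
    return dict(report)


def run_audit(config=UNBOUND_CUSTOM_OPTIONS, capture=CAPTURE_LINES):
    zones = parse_forward_zones(config)
    findings = [f for z in zones for f in lint_forward_zone(z)]
    return findings, audit_dns_flows(parse_capture(capture), zones)


if __name__ == "__main__":
    findings, report = run_audit()
    for f in findings:
        print("config:", f)
    for key, flows in report.items():
        for src, dst in flows:
            print(f"{key:20s} {src} -> {dst}")
```

Against the sample input the config lint reports that none of the four forwarders carries a #authname, and the capture audit separates the firewall's own unanswered 853 attempt from the LAN client that is talking to 8.8.8.8 on 53 directly; the first points at a blocked port, the second at a client that never used the resolver, and a capture on the WAN alone cannot tell those apart without the source address.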
-
Hi @surfshack66,
Can you please confirm that:
- The DNS Forwarder (Services, DNS Forwarder) is disabled?
- The DNS Resolver (Servers, DNS Resolver) is enabled and the "Enable Forwarding Mode" option is checked?
Hope this helps.
-
@tman222 said in Still using 53 despite configuring 853:
Hi @surfshack66,
Can you please confirm that:
- The DNS Forwarder (Services, DNS Forwarder) is disabled?
- The DNS Resolver (Servers, DNS Resolver) is enabled and the "Enable Forwarding Mode" option is checked?
Hope this helps.
Hi @tman222 - Thanks for the help. Turns out I had a firewall rule restricting certain ports on the LAN and 853 was not included. Also, that rule wasn't flagged to log alerts, so I didn't catch it.