Netgate Discussion Forum

    Query Root DNS Servers on Alternate port

      mloiterman

      My ISP has the ability to hijack my DNS. I'm wondering if there is a way for me to send my Resolver's queries on a port other than 53?

        Gertjan

        Yep.

        Here is the list https://www.iana.org/domains/root/servers - contact them, and ask them if they could open another port.
        Please, let them keep port 53 in parallel, otherwise the Internet will stop working for all of us.

        More serious:
        The root guys don't support DoT.
        Keep in mind: activating DoT for the entire chain will multiply the load by a huge factor for every involved server.
        See, for example, https://www.reddit.com/r/sysadmin/comments/caf8se/dns_over_tls_with_root_name_servers_clarification/

        If you want a sure answer: use DNSSEC.
        If you want to hide your traffic from your ISP: forward to, for example, one.one.one.one (it is 1.1.1.1, but don't use the numbers, use the host name).
        As of today, you can't have both.

        Or, why not: push everything over a VPN with an endpoint very near one of the x.root-servers.net guys.

        No "help me" PMs please. Use the forum, the community will thank you.
        Edit: and where are the logs??
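The forwarding option suggested in the reply above, written as an Unbound configuration fragment (Unbound is the pfSense DNS Resolver). This is an added example, not part of either post; port 853 is the standard DoT port, and the CA bundle path is an assumption for a FreeBSD-based system. The name after `#` is what Unbound checks the server certificate against, which is why the host name matters and the bare address is not enough.

```conf
# Added example: forward all queries over DNS over TLS (DoT) instead of plain port 53.
server:
    # CA bundle used to validate the forwarder's certificate.
    # Path is an assumption; adjust it to where your system keeps its root CAs.
    tls-cert-bundle: "/usr/local/share/certs/ca-root-nss.crt"

forward-zone:
    name: "."
    forward-tls-upstream: yes

    # Weak form: with no "#name", Unbound accepts a certificate for any name,
    # so anyone on the path holding any CA-signed certificate can answer.
    # forward-addr: 1.1.1.1@853

    # Corrected form: address @ port # name to authenticate the certificate against.
    forward-addr: 1.1.1.1@853#one.one.one.one
```

With this in place the queries leave on TCP 853 inside TLS, so a device on the ISP's network that rewrites port 53 traffic no longer sees or alters them; the forwarder itself still sees every query.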