Netgate Discussion Forum

    Still using 53 despite configuring 853

    DHCP and DNS
    3 Posts 2 Posters 690 Views
      A Former User

      I have DNS servers configured to be 1.1.1.1 and 1.0.0.1.
      I also have DNS resolver enabled (listening on 53 on the LAN interface and All outgoing network interfaces). Custom options include the following:

      local-data: "local.lan. 10800 IN SOA pfsense.local.lan. root.local.lan. 1 3600 1200 604800 10800"
      
      server:
      private-domain: "plex.direct"
      include: /var/unbound/pfb_dnsbl.*conf
      forward-zone:
      name: "."
      forward-ssl-upstream: yes
      forward-addr: 1.1.1.1@853
      forward-addr: 1.0.0.1@853
      forward-addr: 9.9.9.9@853
      forward-addr: 149.112.112.112@853
      

      I ran a packet capture and went to a few random sites. The results show Google DNS servers being used on 53.

      I restarted the dnsmasq service, flushed windows dns, and chrome dns.

      I'm not sure what else to configure to ensure using DNS over TLS. Any help would be appreciated.

        tman222

        Hi @surfshack66,

        Can you please confirm that:

        1. The DNS Forwarder (Services, DNS Forwarder) is disabled?
        2. The DNS Resolver (Services, DNS Resolver) is enabled and the "Enable Forwarding Mode" option is checked?

        Hope this helps.

          A Former User @tman222

          @tman222 said in Still using 53 despite configuring 853:

          Hi @surfshack66,

          Can you please confirm that:

          1. The DNS Forwarder (Services, DNS Forwarder) is disabled?
          2. The DNS Resolver (Services, DNS Resolver) is enabled and the "Enable Forwarding Mode" option is checked?

          Hope this helps.

          Hi @tman222 - Thanks for the help. Turns out I had a firewall rule restricting certain ports on the LAN and 853 was not included. Also, that rule wasn't flagged to log alerts, so I didn't catch it.

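An added example, not code from the thread or from pfSense/Unbound: a small checker that reads the `forward-addr` lines from the custom options posted above, then classifies constructed tcpdump-style capture lines the way the original poster did by hand. DoT flows to a configured forwarder on 853 are expected; plaintext port-53 flows from the firewall's own address mean the resolver is not forwarding over TLS (the forwarding-mode question above), while port-53 flows from any other LAN host mean a client is bypassing the resolver entirely (the Google DNS traffic seen in the capture). The resolver address 192.168.1.1, the LAN client addresses and the capture lines are all constructed for this example.

```python
"""Classify captured DNS flows against an Unbound DoT forward-zone.

Added example (not from the forum thread). Parses forward-addr entries from
a pfSense/Unbound custom-options snippet, then labels tcpdump-style lines as
DoT to a configured forwarder, DoT to an unconfigured upstream, plaintext DNS
sent by the resolver itself, or plaintext DNS from a client bypassing it.
"""
import re
from collections import Counter, namedtuple

Flow = namedtuple("Flow", "src dst dport verdict")

# Constructed: the forward-zone lines as posted in the thread. Unbound uses
# port 53 when a forward-addr carries no @port suffix.
UNBOUND_OPTIONS = """
server:
private-domain: "plex.direct"
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853
forward-addr: 9.9.9.9@853
forward-addr: 149.112.112.112@853
"""

# Constructed tcpdump-style lines. 192.168.1.1 is the (assumed) pfSense LAN
# address; .25 and .30 are LAN clients. Google DNS is never in the forwarder
# list, so any traffic to it on 53 is a client going around the resolver.
CAPTURE = """\
12:00:01.000 IP 192.168.1.1.51000 > 1.1.1.1.853: Flags [S], seq 1, length 0
12:00:01.050 IP 192.168.1.1.51001 > 9.9.9.9.853: Flags [S], seq 1, length 0
12:00:02.100 IP 192.168.1.25.60123 > 8.8.8.8.53: 1234+ A? example.com. (29)
12:00:02.200 IP 192.168.1.25.60124 > 8.8.4.4.53: 1235+ AAAA? example.com. (29)
12:00:03.000 IP 192.168.1.1.51002 > 1.0.0.1.853: Flags [S], seq 1, length 0
12:00:03.500 IP 192.168.1.30.40000 > 1.1.1.1.53: 42+ A? cdn.example. (27)
"""

FORWARD_RE = re.compile(r"^\s*forward-addr:\s*(\d+\.\d+\.\d+\.\d+)(?:@(\d+))?", re.M)
# tcpdump prints IPv4 endpoints as addr.port, so the last dotted field is the port.
CAPTURE_RE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")


def parse_forwarders(options_text):
    """Return the set of (ip, port) forwarders declared in the options text."""
    return {(ip, int(port) if port else 53) for ip, port in FORWARD_RE.findall(options_text)}


def classify_capture(capture_text, forwarders, resolver_ip):
    """Label every DNS-looking flow (dport 53 or 853) in the capture text."""
    rows = []
    for m in CAPTURE_RE.finditer(capture_text):
        src, dst, dport = m.group(1), m.group(3), int(m.group(4))
        if dport == 853:
            verdict = "dot-to-forwarder" if (dst, 853) in forwarders else "dot-to-unknown"
        elif dport == 53:
            # Plaintext from the resolver itself: TLS forwarding is not in effect.
            # Plaintext from anything else: a client is not using the resolver.
            verdict = "resolver-plaintext" if src == resolver_ip else "client-bypass"
        else:
            continue
        rows.append(Flow(src, dst, dport, verdict))
    return rows


def summarize(rows):
    """Count flows per verdict; anything other than dot-to-forwarder needs a look."""
    return dict(Counter(r.verdict for r in rows))


if __name__ == "__main__":
    fw = parse_forwarders(UNBOUND_OPTIONS)
    flows = classify_capture(CAPTURE, fw, resolver_ip="192.168.1.1")
    for f in flows:
        print(f"{f.src:>15} -> {f.dst:>15}:{f.dport:<3} {f.verdict}")
    print(summarize(flows))
```

On a real pfSense box the capture text would come from Diagnostics > Packet Capture or `tcpdump` on the WAN interface; the point of the verdict split is that "port 53 to Google" from a LAN client and "port 53 to 1.1.1.1" from the firewall itself are different problems with different fixes.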
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.