Enabled DoT but still see 53
-
Not sure why. I confirmed DoT via https://dnssec.vs.uni-due.de and https://www.cloudflare.com/ssl/encrypted-sni/
Running 2.4.5 and have two networks, GUEST and LAN. Using Cloudflare 1.1.1.2 and 1.1.1.1.
-
Changed port forwarding so any request to port 53 redirects to 853. Still seeing 53 traffic at LAN.
Tried to reject all to 53.
Still see 53?!?
-
All devices and computers on your LAN will still be using standard DNS on port 53 locally, as they don't "speak" DoT. What you want to check for is outgoing 53 traffic on your WAN interface. What are you using for your DNS server? Make sure pfSense DNS settings are set to your DNS server as well as your DHCP's DNS settings or any devices with static IPs on your network. Keep in mind that some IoT devices like Chromecasts will still try to ignore your preferred DNS server and use their provider.

Edit: When I first opened this post none of the pictures loaded... imgur is blocked at work. Is the reject 53 rule also on Guest and Opt2? Do you have the same NAT rule setup for Opt2?
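
An added example, not part of the original thread: a small Python classifier for `tcpdump -n` text output that separates the local client-to-resolver port 53 traffic described above from port 53 traffic involving an external address, and counts DoT on 853. The sample lines, all addresses and the RFC 1918 "local" ranges are constructed assumptions, and only IPv4 lines are handled.

```python
import ipaddress
import re
from collections import Counter

# Assumption: LAN and GUEST use RFC 1918 addressing; adjust to your own networks.
LOCAL_NETS = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Address part of a `tcpdump -n` IPv4 line: "IP src.sport > dst.dport:"
FLOW_RE = re.compile(r"\bIP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def classify(line):
    """Label one tcpdump line, or return None if it is not DNS/DoT traffic."""
    m = FLOW_RE.search(line)
    if not m:
        return None
    src, sport, dst, dport = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
    if 53 in (sport, dport):
        # Client <-> firewall resolver inside the LAN is expected plaintext.
        if is_local(src) and is_local(dst):
            return "local-dns"
        # Port 53 to or from a non-local address: on WAN this is a leak,
        # on LAN it is a client trying to bypass the configured resolver.
        return "external-plaintext"
    if 853 in (sport, dport):
        return "dot"
    return None

def summarize(lines):
    return Counter(label for label in map(classify, lines) if label)

# Constructed sample capture (documentation addresses stand in for the WAN IP).
SAMPLE = """\
12:00:01.000001 IP 192.168.1.50.51234 > 192.168.1.1.53: 4660+ A? example.com. (29)
12:00:01.000400 IP 203.0.113.10.40000 > 1.1.1.1.853: Flags [P.], seq 1:120, ack 1, win 512, length 119
12:00:01.020000 IP 1.1.1.1.853 > 203.0.113.10.40000: Flags [P.], seq 1:200, ack 120, win 512, length 199
12:00:01.020500 IP 192.168.1.1.53 > 192.168.1.50.51234: 4660 1/0/0 A 192.0.2.10 (45)
12:00:05.000000 IP 203.0.113.10.55555 > 8.8.8.8.53: 7001+ A? example.net. (29)
12:00:06.000000 IP 203.0.113.10.44321 > 198.51.100.7.443: Flags [S], seq 1, win 64240, length 0
"""

if __name__ == "__main__":
    for label, count in sorted(summarize(SAMPLE.splitlines()).items()):
        print(f"{label}: {count}")
```

A non-zero `external-plaintext` count in a capture taken on the WAN interface is the case worth investigating; `local-dns` on LAN is normal.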
-
@ipeetables said in Enabled DoT but still see 53:
imgur is blocked at work
You're not the only one.
@amrogers3: you can paste an image right into the forum message. No need to paste in an image URL using the picture forum command at all:
![alt text](image url)
Just hit Ctrl V when the forum edit window is in focus, if you have the image copied just before.