|
|
So, i normally use 1.1.1.1 etc for my DNS servers rather than the ISP supplied ones, and for some reason, if i change them, i still seem to be routed through the ISP servers as well as the CF ones.
If i leave them set to ISP supplied DNS servers, i only get theirs listed using the below test website.
https://www.top10vpn.com/tools/what-is-my-dns-server/
Surely i should only see the Cloudfare servers if i change them and not the ISP ones as well?
Or am i not understanding how they work?
|
|
|
|
I take it you are setting the cloudfare DNS manually on a PC or similar. But your router may be picking up DNS from your ISP and setting it via DHCP or you may have the DNS set in your router.
I have my DNS set to my router and set the DNS I want in the router.
|
|
|
I take it you are setting the cloudfare DNS manually on a PC or similar. But your router may be picking up DNS from your ISP and setting it via DHCP or you may have the DNS set in your router.
I have my DNS set to my router and set the DNS I want in the router.
Yes, i do the same.
All clients point to the router for the DNS, and the router i am manually setting but on testing, it still lists the ISP as the connected server, along with Cloudfare as well.
It appears to list the ISP and then Cloudfare, which seems to be adding a layer.
Ill try and get a screenshot!
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
Ok, so this is what i get with Cloudfare set in router as DNS primary and secondary.
https://thumbsnap.com/u14f1UGw
|
|
|
Or am i not understanding how they work?
I use quad 9 for DNS and that test reports I'm using WoodyNet (which appears to be one of the partners. I don't see my ISP (virgin media) on the list. I use my own router in place of the ISP supplied one, and have quad9 set on the router.
You may want to investigate if you can use secure DNS (DNS-over-TLS or DNS-over-HTTPS), or if your web browser is overriding what is set in the operating system.
Or your router and/or ISP are hijacking DNS. Quite possible.
24 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
Ok, so this is what i get with Cloudfare set in router as DNS primary and secondary.
Paste the output of ipconfig /all
Oliver.
|
|
|
I don't think that test is at all accurate.
I use NextDNS and all other DNS traffic is blocked and re-directed to NextDNS on my router.
Every other test shows this as working as designed, except this one.
Try this one https://www.dnsleaktest.com/
OPNSense on Topton N100 - SWISH Fibre 900
NextDNS (subscription) - Unifi for Wifi
My Broadband Ping |
|
|
I don't think that test is at all accurate.
I use NextDNS and all other DNS traffic is blocked and re-directed to NextDNS on my router.
Every other test shows this as working as designed, except this one.
Try this one https://www.dnsleaktest.com/
Interesting.
I just tried that test a couple of times and its only picking up the ISP DNS and not Cloudfare that is manually set on the router.
BTW, router is a Netgear RS300.
Test result
https://thumbsnap.com/27aie9ZR
Router
https://thumbsnap.com/3ek1NXtP
Weird.
|
|
|
Paste the output of ipconfig /all
Unless you have a Mac, or Linux machine.
Try this one https://www.dnsleaktest.com/
Gives me exactly the same results, using my Asus router, and Quad9 DNS.
24 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
|
For the avoidance of doubt, you guys are actually discussing cloudf*L*are here, right?
|
|
|
For the avoidance of doubt, you guys are actually discussing cloudf*L*are here, right?
My bad.
Yes that's correct!
|
|
|
I believe that that site is pretty useless as browsers don't necessarily use only the DNS server set up in the OS's network settings. This is further compounded on modern Apple devices when iCloud relay is active.
I get different results from an iPad and a Windows machine, though both are set up to point to my router for DNS resolution.
--------------------------------------------------------------
Obsession is the single most wasteful human activity
Norman Mailer
|
|
|
I believe that that site is pretty useless as browsers don't necessarily use only the DNS server set up in the OS's network settings. This is further compounded on modern Apple devices when iCloud relay is active. ICloud private relay only exists if you pay for iCloud+ of course. I thought in the UK that browser based “secure DNS” was off by default, as the browsers were yelled at by UK Gov as they could potentially bypass the “David Cameron Filters” that ISPs have to provide by default.
I get different results from an iPad and a Windows machine, though both are set up to point to my router for DNS resolution. If you have iCloud + that would be expected.
24 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
Paste the output of ipconfig /all
Unless you have a Mac, or Linux machine.
You forgot to mention Amiga. 😢
Oliver.
|
|
|
So, i normally use 1.1.1.1 etc for my DNS servers rather than the ISP supplied ones, and for some reason, if i change them, i still seem to be routed through the ISP servers as well as the CF ones.
If i leave them set to ISP supplied DNS servers, i only get theirs listed using the below test website.
https://www.top10vpn.com/tools/what-is-my-dns-server/
Surely i should only see the Cloudfare servers if i change them and not the ISP ones as well?
Or am i not understanding how they work?
What Router do you have. When connecting to the WAN (ISP) you have a choice of accepting the Default DNS or using your own. This is the case with my Asus router. I can say no to the automatic DNS and set my own. Separately, I can set the DNS for any client in DHCP setup. Lastly, I have the option of either advertising the router DNS in addition to the DHCP DNS. Most routers will always advertise their own address for DNS, regardless of whether you have set the DNS in LAN/DHCP. IF you have accepted the automatic WAN DNS in WAN configuration, then as far as I'm aware, all Windows PC's will accept 3 DNS addresses when obtaining a lease, the ones you specify in DHCP AND the Router IP, which will then route to the ISP DNS servers. As for other devices, cannot tell you, hit and miss as to whether they accept the router DNS as well.
Edited by wiggsc00 (Mon 30-Sep-24 16:07:03)
|
|
|
|
Post deleted by pyarwood
|
|
|
Paste the output of ipconfig /all
Unless you have a Mac, or Linux machine.
You forgot to mention Amiga. 😢
And Atari ST
|
|
|
This url I find is useful for looking at dns servers. You need to clock on a dns button to test them.
https://browserleaks.com/ip
If it does report your ISP servers, maybe your router has an option to still include the ISP's DNS in addition to your configured ones (some router software does this), if it does its probably in the WAN settings.
Edited by Chrysalis (Tue 01-Oct-24 19:44:51)
|
|
|
I don't think that test is at all accurate.
I use NextDNS and all other DNS traffic is blocked and re-directed to NextDNS on my router.
Every other test shows this as working as designed, except this one.
Try this one https://www.dnsleaktest.com/
Just showed cloudflare for me which is what I have configured. Also of course there is http over dns now which browsers might use.
Edited by Chrysalis (Tue 01-Oct-24 19:47:21)
|
|
|
It showed Cloudflare for me too which I do not have configured.
All other DNS checkers show correctly as mentioned so it is something specific to this one.
OPNSense on Topton N100 - SWISH Fibre 900
NextDNS (subscription) - Unifi for Wifi
My Broadband Ping |
|
|
So, i normally use 1.1.1.1 etc for my DNS servers rather than the ISP supplied ones, and for some reason, if i change them, i still seem to be routed through the ISP servers as well as the CF ones.
If i leave them set to ISP supplied DNS servers, i only get theirs listed using the below test website.
https://www.top10vpn.com/tools/what-is-my-dns-server/
Surely i should only see the Cloudfare servers if i change them and not the ISP ones as well?
Or am i not understanding how they work?
What Router do you have. When connecting to the WAN (ISP) you have a choice of accepting the Default DNS or using your own. This is the case with my Asus router. I can say no to the automatic DNS and set my own. Separately, I can set the DNS for any client in DHCP setup. Lastly, I have the option of either advertising the router DNS in addition to the DHCP DNS. Most routers will always advertise their own address for DNS, regardless of whether you have set the DNS in LAN/DHCP. IF you have accepted the automatic WAN DNS in WAN configuration, then as far as I'm aware, all Windows PC's will accept 3 DNS addresses when obtaining a lease, the ones you specify in DHCP AND the Router IP, which will then route to the ISP DNS servers. As for other devices, cannot tell you, hit and miss as to whether they accept the router DNS as well.
I have a new Netgear RS300, but i get the same problem with the ISP supplied router.
If i use Cloudflare, when it reconnects, it seems to just drag in the ISP DNS when i look at the PPP reconnection.
This is the ISP router log with manually configured Cloudflare DNS
https://thumbsnap.com/f/2yBavSRb
|
|
|
|
Unfortunately the log tells me what it's doing, not what you've configured. Need to see a screenshot (obscure any username or in the clear password) of your internet settings page(s) and the LAN/DHCP pages(s). The pppoe settings are the likely culprit
|
|
|
Unfortunately the log tells me what it's doing, not what you've configured. Need to see a screenshot (obscure any username or in the clear password) of your internet settings page(s) and the LAN/DHCP pages(s). The pppoe settings are the likely culprit
Ok ill put the ISP router back in and grab some screenshots.
Thing is, i get similar results whichever router is in place.
I also had an old Technicolor router that i tried, and that seems to only connect to the ISP DNS regardless as well!
Edited by Alucidnation (Wed 02-Oct-24 16:57:26)
|
|
|
Need to see the settings on the Netgear router. If you're using that one.
Edited by wiggsc00 (Wed 02-Oct-24 17:30:17)
|
|
|
It showed Cloudflare for me too which I do not have configured.
All other DNS checkers show correctly as mentioned so it is something specific to this one. ]
You are blocking DNS queries on port 443 then? Now days DNS is more complicated to block.
--
I just tested the link over my friends connection, and cloudflare isnt listed, just his ISP DNS servers.
Personally I wouldnt be automatically blaming the test but looking instead for the leak. I had someone else in another thread a while back saying the same thing about the browserleak dns test, he was adamant his config was sound so I gave up on it.
Edited by Chrysalis (Thu 03-Oct-24 00:21:50)
|
|
|
You forgot to mention Amiga. 😢
Nor did I mention a networked DOS machine, nor a DEC VAX; or any of the other legacy kit I've tried in years gone by. My point was that posting a Windows/DOS command isn't necessarily represenative of what people are using in 2024.
24 years of broadband connectivity since 1999 trial - Live BQM
|
|
|
My point was that posting a Windows/DOS command isn't necessarily represenative of what people are using in 2024.
My point was that I was giving the command for the most-used OS and people using a lesser-used OS will most likely know their equivalent without me having to spell it out.
But in future I will most likely have to add "or whatever your OS's equivalent is" to satisfy the pedants.
Oliver.
|
|
|
Need to see the settings on the Netgear router. If you're using that one.
Ok so i have been through all the settings and everything is set up as it should be eg, Manual DNS entry etc.
Posting screenshots of the WEB gui is difficult as the most i can get in one screen shot is one setting.
The layout of the Netgear settings is quite poor tbh!
|
|
|
|
To be fair, most GUI's have their issues, Asus included, where things are buried deep!
There is no reason for this to occur if you have set at the WAN and DHCP settings page the DNS entries you want to use.
The only remaining item is IPv6. Do you have both IPV4 and IPv6? DNS is separate for both, wonder if the router is handing out IPV6 addresses with the ISP IPV6 DNS server...
Certainly, when I configure IPv6, again, you can accept the default from ISP or set your own.
|
|
|
To be fair, most GUI's have their issues, Asus included, where things are buried deep!
There is no reason for this to occur if you have set at the WAN and DHCP settings page the DNS entries you want to use.
The only remaining item is IPv6. Do you have both IPV4 and IPv6? DNS is separate for both, wonder if the router is handing out IPV6 addresses with the ISP IPV6 DNS server...
Certainly, when I configure IPv6, again, you can accept the default from ISP or set your own.
Interesting you bring up IPV6.
With the isp router, i disabled IPV6 as it doesnt seem to work at all when testing, and yet is fine on the NETGEAR.
However, i have just put the NG back to ISP DNS on V4 and disables IPV6 and on the test it appears to sill have V6 detected?
https://thumbsnap.com/jVBWH4e1
Edited to add:
Just put v4 DNS back to Cloudflare and Google and after another test, the ISP DNS seems to be gone, however, they are still detecting IPV6?
They all seem to take a hell of a route!
https://thumbsnap.com/oiREn384
Also, i thought i would manually set V6 DNS but on the router, there seems to be too many 'spaces' to enter them.
https://thumbsnap.com/EgF1MfLv
Edited by Alucidnation (Sat 05-Oct-24 07:12:22)
|
|
|
Also, i thought i would manually set V6 DNS but on the router, there seems to be too many 'spaces' to enter them.
https://thumbsnap.com/EgF1MfLv
Look up shorthand IPv6 notation: https://networklessons.com/ipv6/shortening-ipv6-addr...
Oliver.
|
|
|
Also, i thought i would manually set V6 DNS but on the router, there seems to be too many 'spaces' to enter them.
https://thumbsnap.com/EgF1MfLv
Look up shorthand IPv6 notation: https://networklessons.com/ipv6/shortening-ipv6-addr...
Thanks!
Every day is a school day and now works as expected!
|
|
|
To be fair, most GUI's have their issues, Asus included, where things are buried deep!
There is no reason for this to occur if you have set at the WAN and DHCP settings page the DNS entries you want to use.
The only remaining item is IPv6. Do you have both IPV4 and IPv6? DNS is separate for both, wonder if the router is handing out IPV6 addresses with the ISP IPV6 DNS server...
Certainly, when I configure IPv6, again, you can accept the default from ISP or set your own.
Interesting you bring up IPV6.
With the isp router, i disabled IPV6 as it doesnt seem to work at all when testing, and yet is fine on the NETGEAR.
However, i have just put the NG back to ISP DNS on V4 and disables IPV6 and on the test it appears to sill have V6 detected?
https://thumbsnap.com/jVBWH4e1
Edited to add:
Just put v4 DNS back to Cloudflare and Google and after another test, the ISP DNS seems to be gone, however, they are still detecting IPV6?
They all seem to take a hell of a route!
https://thumbsnap.com/oiREn384
Also, i thought i would manually set V6 DNS but on the router, there seems to be too many 'spaces' to enter them.
https://thumbsnap.com/EgF1MfLv
Yeah, just because you only single stack to v4, it doesnt mean cloudflare dont do queries over v6 to the wider internet, the sites are detecting the DNS outbound connections, which is how they check what DNS you are using. So that result isnt unexpected.
|
Pages in this thread: 
Print Thread
