Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-20 02:59:29 +01:00
Code Issues Projects Releases Wiki Activity
12d3503cc3
mikaela.github.io/n/dns.md

3.6 KiB
Raw Blame History

DNS notes

For DNS resolvers, refer to r/resolv.tsv

Identifying DNS resolver

The above list is based on redirect2me/which-dns README alternatives section

Identifying support for client-subnet

Or what is being sent to the authoritative servers.

dig +short TXT o-o.myaddr.l.google.com.
dig +short TXT whoami.ds.akahelp.net.
dig +short TXT whoami.ipv6.akahelp.net.
dig +short TXT whoami.ipv4.akahelp.net.
  • Note: Cloudflare sends ECS only for whoami.ds.akahelp.net.

Mobile applications

With the exception of those apps that config I remember otherwise or share it with desktop versions etc.

Android

Use either cloudflare-dns.com (which doesnt have ECS) or dns.google (which has ECS) as the Private DNS server as they have special handling and are thus DNS over HTTPS3 instead of the usual DNS over TLS. This can be confirmed with https://1.1.1.1/help (when using cloudflare-dns.com).

Then setup your web browser (including Firefox (other than stable which disables about:config) and Chrome) to use DNS over HTTPS with your preferred server and while at it enabling HTTPS only mode.

Rethink

  1. Use either GitHub or F-Droid release as Google Play doesnt have blocklists.
  2. Enable it.
  3. In Android Settings, Internet, Advanced, VPN, select Rethink, make it always-on and block connections not using it.
  4. Disable private DNS in Android settings too, as it conflicts.
  5. In Rethink itself open Configure.
  • DNS: enable whatever DNS you prefer.
  • DNS: Visit on-device blocklists.
  • DNS: Consider enabling Use in-app downloader, DNS booster
  • DNS: Disable Prevent DNS leaks to avoid breakage.
  • Network: enable Use all available networks (experimental)
  • Network: Loopback (experimental)
    • This also implies the previous option.
  • Network: Choose IP version: Auto
  • Network: Perform connectivity checks
  1. Remember to also visit Android app details for Rethink, in battery menu select unrestricted and in network allow unlimited data even with data saver.

Hopefully there is no situation where Rethink stops working and thinks its still working. As can be deduced from this section, sometimes Rethink and I disagree with each other. I dont guarantee I know what I am doing.

FFUpdater

  • https://dns0.eu;2a0f:fc80::;2a0f:fc81::;193.110.81.0;185.253.5.0
  • https://open.dns0.eu;2a0f:fc80::ffff;2a0f:fc81::ffff;193.110.81.254;185.253.5.254
  • https://doh.opendns.com/dns-query;2620:119:35::35;2620:119:53::53;208.67.222.222;208.67.220.220
  • https://dns11.quad9.net/dns-query;2620:fe::11;2620:fe::fe:11;9.9.9.11;149.112.112.11