2.4 KiB
DNS notes
For DNS resolvers, refer to r/resolv.tsv
Identifying DNS resolver
- DNS-OARC’s Check My DNS - popup under “Network”.
- dnsleaktest
- whatsmydnsserver
- ipleak.net
- dnsadblock
The above list is based on redirect2me/which-dns README alternatives section
Identifying support for client-subnet
Or what is being sent to the authoritative servers.
dig +short TXT o-o.myaddr.l.google.com.
dig +short TXT whoami.ds.akahelp.net.
dig +short TXT whoami.ipv6.akahelp.net.
dig +short TXT whoami.ipv4.akahelp.net.
- Note: Cloudflare sends ECS only for whoami.ds.akahelp.net.
Mobile applications
With the exception of those apps that config I remember otherwise or share it with desktop versions etc.
Android
Use either cloudflare-dns.com
(which doesn’t have ECS)
or dns.google
(which has ECS) as the Private DNS
server as they have special handling and are thus DNS over HTTPS instead
of the usual DNS over TLS. This can be confirmed with https://1.1.1.1/help
(when using cloudflare-dns.com
).
Then setup your web browser (including Firefox (other than stable
which disables about:config
) and Chrome) to use DNS over
HTTPS with your preferred server and while at it enabling HTTPS only
mode.
FFUpdater
https://dns0.eu;2a0f:fc80::;2a0f:fc81::;193.110.81.0;185.253.5.0
https://open.dns0.eu;2a0f:fc80::ffff;2a0f:fc81::ffff;193.110.81.254;185.253.5.254
https://doh.opendns.com/dns-query;2620:119:35::35;2620:119:53::53;208.67.222.222;208.67.220.220
https://dns11.quad9.net/dns-query;2620:fe::11;2620:fe::fe:11;9.9.9.11;149.112.112.11