What's new

[Alpha] DNSFilter also works when static DNS addresses are used by LAN clients ?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Intrepid2007

Regular Contributor
Hello,

I am using the latest available alpha firmware and I was wondering if DNSFilter should work in the scenario below as well??
(this is just an simple example to explain)

All DNS requests from LAN clients should be resolved by 1.1.1.1 (Custom 1):
1614759994782.png


Windows IPv4 settings use a static DNS (Google DNS in this example)
1614759799070.png


Now my inderstanding is that the DNS filter feature should check DNS requests and make sure that '1.1.1.1' is used instead...
When I test this particlar example by going to www.dnsleaktest.com, the DNS servers from Google are shown in the results..

Should DNSFilter also work when clients have static DNS servers configured?




Also if I set 'Global Filter mode' to Router, the behavior is the same.

1614760815933.png



However, if all settings in the LAN client settings are set to DHCP, the DNS filter feature works as expected.


UPDATE:
I rebooted the router and the problem disappeared (all working now)
 
Last edited:
Also make sure you set the DNS filter in LAN settings to Router.
 
When a client is configured with a DNS server that also supports DoH (DNS-over-HTTPSj, Google Chrome will “auto-upgrade” its own DNS queries to use that DNS Provider’s DoH service instead. DNS Filter cannot intercept DoH.
 
When a client is configured with a DNS server that also supports DoH (DNS-over-HTTPSj, Google Chrome will “auto-upgrade” its own DNS queries to use that DNS Provider’s DoH service instead. DNS Filter cannot intercept DoH.
So, if I set LAN/DHCP Server/DNS Server to 1.1.1.1 Chrome browsers will switch to DoH?
 
On the Asus/Merlin router on the WAN tab there is a setting "Prevent client auto DoH". I have mine set for Auto which is the default and it appears to work.

Morris
 
In theory, yes. That’s one more reason I use Firefox.
Might not be a bad thing. I manage a not for profit LAN where the staff uses Chrome browser. I have the router DNS servers set to 1.1.1.3 and 1.0.0.3 as they are a faith based operation. Would not hurt for them to have DoH to Cloudflare Family.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top