DNS Server Question

Khadanja

Regular Contributor
I'm using cloudfare DNS servers & I also have DoT enabled. From what I understand all my DNS queries should be going through cloudfare servers but every time I lookup my DNS servers online I get two server addresses, one is 198.41.237.11 cloudfare & the other is 202.8.47.94 which isn't cloudfare as far as I can tell. Please correct me if I'm understanding this completely wrong & apologies if I am but why does that 2nd server come up? I used ipleak.net & dnsleaktest.com to check.
 
Last edited:

dave14305

Part of the Furniture
Your screenshot is unreadable, but you won’t usually see 1.1.1.1 in a leak test since 1.1.1.1 is an anycast IP. The other IP seems to be from Quad9 (woodynet). Maybe that’s the 4th unreadable entry in your screenshot.
 

Gar

Very Senior Member
Can DoT be "blocked" by an ISP as seems to be my case?

EDIT: I cannot make it work no matter what I try/change. It worked with my previous ISP.
 

dave14305

Part of the Furniture
Can DoT be "blocked" by an ISP as seems to be my case?

EDIT: I cannot make it work no matter what I try/change. It worked with my previous ISP.
Sure, since it’s so easily identifiable on port 853. Maybe you’re a candidate for DoH or dnscrypt instead.
 

Khadanja

Regular Contributor
Your screenshot is unreadable, but you won’t usually see 1.1.1.1 in a leak test since 1.1.1.1 is an anycast IP. The other IP seems to be from Quad9 (woodynet). Maybe that’s the 4th unreadable entry in your screenshot.
Thanks when I searched the 2nd IP it came up as Citylink NZ so I was confused. Not sure what went wrong with screenshot. Removed it
 

bbunge

Very Senior Member
Can DoT be "blocked" by an ISP as seems to be my case?

EDIT: I cannot make it work no matter what I try/change. It worked with my previous ISP.
There are DNS resolvers that support DoT on port 443. You might do some research and try one.
 

Gar

Very Senior Member
There are DNS resolvers that support DoT on port 443. You might do some research and try one.
Port 443 blocked too. Experimenting with DoH now (on the quest for more privacy).

Thanks for all the input, it is appreciated!
 

dave14305

Part of the Furniture
Port 443 blocked too. Experimenting with DoH now (on the quest for more privacy).

Thanks for all the input, it is appreciated!
Just curious if you want to share which US ISP is blocking DoT?
 

Gar

Very Senior Member
Wave Rural Connect. Looks like it started in AR, but expanded to the northeast as far as ME.
 

RMerlin

Asuswrt-Merlin dev
Port 443 blocked too.
If port 443 was really blocked, it means you would be unable to access any web site over HTTPS... Your issue is elsewhere.
 

Gar

Very Senior Member
If port 443 was really blocked, it means you would be unable to access any web site over HTTPS... Your issue is elsewhere.
HTTPS works, so I'm very interested to figure out where I have gone wrong. Especially since my previous ISP was fine, only the ISP has changed in my setup.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top