Comment on DNS server
Shimitar@downonthestreet.eu 1 week ago
My 2c.
Changing “DNS” won’t fix it. There are two DNS: dnsmasq and unbound (and bind, ok). What else you use doesn’t matter (pihole, adguard, opnSense); at the end of the day it’s always them inside.
In my experience ISPs will block your direct DNS queries over time, so it might be that. I set up my unbound as caching and forwarding, not as a pure resolver. This fixed all my issues with DNS self hosted. You can forward to 9.9.9.9 if you like it.
Another issue might be with your blocklists of course, your azure might have been temporarily listed maybe.
Over time I ended up choosing a very lax blocklist setup due to this reason.
non_burglar@lemmy.world 1 week ago
I have no idea what ISP you’re using, but that’s probably not true. Lots of devices have hard-coded DNS servers and nothing would work if ISPs started blocking DNS upstream queries.
Shimitar@downonthestreet.eu 1 week ago
Above some threshold, the one you will cross when filtering port 53 in your network and set up a custom full resolver, it can happen.
I experienced it, it seems they filter excess DNS traffic from inside. Probably more a malware/anti spam measure than an actual DNS blocking.
pishadoot@sh.itjust.works 1 week ago
Even if your ISP did have something in place to try and prevent abuse I find it unlikely it would trigger over normal traffic. Do you have a huge network/many hosts/exposed services?
Shimitar@downonthestreet.eu 1 week ago
Just a normal 4 people home, two teenagers though. Enabling a DNS resolver indeed stops working after a few days, while setting it up as forwarder to 1.1.1.1 or 8.8.8.8 or pick yours works just fine.
Maybe it’s something else, but when it happens, that’s the feel