Comment on Tips for asking ISP to allow for using my own DNS setup for self-hosted VPN?
redcalcium@lemmy.institute 1 year ago
Oh, your ISP is very shitty, just like mine! My solution is to use several upstream DNS servers that listen on alternate ports (so the requests are not intercepted by my ISP), and to use TLS and QUIC (they can’t intercept it because it’s encrypted).
My Adguard upstream DNS settings:
tls://1.1.1.1
tls://1.0.0.1
tls://8.8.8.8
tls://8.8.4.4
tcp://9.9.9.9:9953
udp://9.9.9.9:9953
quic://unfiltered.adguard-dns.com
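Added example, not part of the comment above and not AdGuard's own code: a small audit of the upstream list from that comment, separating entries whose queries are encrypted on the wire from entries that only move plaintext DNS to another port. The function names `classify` and `audit` are hypothetical, and the default ports (53, 853, 443) are the standard ones for each transport.

```python
from urllib.parse import urlsplit

# scheme -> (default port, encrypted on the wire?)
SCHEMES = {
    "udp": (53, False),    # plain DNS
    "tcp": (53, False),    # plain DNS over TCP
    "tls": (853, True),    # DNS-over-TLS
    "quic": (853, True),   # DNS-over-QUIC
    "https": (443, True),  # DNS-over-HTTPS
    "h3": (443, True),     # DNS-over-HTTPS forced to HTTP/3
}

# Upstream list as posted in the comment above.
PAGE_UPSTREAMS = [
    "tls://1.1.1.1", "tls://1.0.0.1", "tls://8.8.8.8", "tls://8.8.4.4",
    "tcp://9.9.9.9:9953", "udp://9.9.9.9:9953",
    "quic://unfiltered.adguard-dns.com",
]

def classify(upstream):
    """Return (scheme, host, port, encrypted) for one upstream entry.

    Per-domain '[/example.org/]...' rules and sdns:// stamps are not handled.
    """
    if "://" not in upstream:
        upstream = "udp://" + upstream  # a bare address means plain DNS
    parts = urlsplit(upstream)
    scheme = parts.scheme.lower()
    if scheme not in SCHEMES:
        raise ValueError(f"unsupported upstream scheme: {scheme!r}")
    default_port, encrypted = SCHEMES[scheme]
    return scheme, parts.hostname, parts.port or default_port, encrypted

def audit(upstreams):
    """List entries whose query names are readable by on-path inspection."""
    findings = []
    for entry in upstreams:
        scheme, host, port, encrypted = classify(entry)
        if not encrypted:
            where = "port 53" if port == 53 else f"alternate port {port}"
            findings.append((entry, f"plaintext DNS on {where}: a port change "
                                    "alone does not hide query names"))
    return findings

if __name__ == "__main__":
    for entry, reason in audit(PAGE_UPSTREAMS):
        print(f"{entry}: {reason}")
```

Even for the encrypted entries the resolver's IP address and port remain visible to the network; only the query contents are hidden.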
YonatanAvhar@programming.dev 1 year ago
Why do ISPs put in the extra effort to make their service shittier? What benefit do they gain from forcing more load to their DNS servers?
housepanther@lemmy.goblackcat.com 1 year ago
This is purely a money move. They want to sell statistical data if I had to guess. I use DoT with Unbound because fuck Verizon.
redcalcium@lemmy.institute 1 year ago
My country has a national block list that must be followed by all ISPs. Last year, they even went the extra mile to enforce the DNS hijacking at the internet backbone level, so if any ISP neglects to do it, it’ll still get enforced by the national internet backbone.
My ISP is fully embracing this system, to the point of performing deep packet inspection to enforce the national block list. Any blocked domain will return an IP address containing a web page full of ads (basically saying that the domain is blocked, here are some ads instead). I guess it’s profitable for them to do this. They also blocked Netflix using this system for years until Netflix caved in and partnered with the ISP to sell subscriptions (yay for no net neutrality I guess).