Hey all, recent convert from pfSense. I’m trying to make sure only the DNS servers I’ve defined are being used for lookups. I’m using Unbound and noticing a lot of traffic on port 53 to destinations other than the ones I’ve put in.
Some devices or software will ignore what the OS or network is telling them and use their own DNS servers, mainly to bypass filtering. If that’s what’s happening then you’re mostly out of luck. The best you could do is set up firewall rules to block those other servers, assuming they all even use port 53, but that would probably just prevent those devices from working at all.
It’s not completely out of the question that you could intercept and redirect those requests, if they’re not encrypted.
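Before writing block or redirect rules, it helps to know which hosts are sending port 53 traffic to resolvers you did not configure. The script below is an added example, not something posted in this thread: it parses `tcpdump -n` text output and counts, per source address, packets sent to port 53 on destinations outside an allow-list. The allow-list and every address in the sample are constructed assumptions.

```python
import re
import sys
from collections import defaultdict

# Assumption: your upstream resolver plus the firewall's own Unbound address.
ALLOWED_RESOLVERS = {"192.0.2.53", "192.168.1.1"}

# Constructed sample in `tcpdump -n port 53` text format (not captured traffic).
SAMPLE = """\
12:00:01.100000 IP 192.168.1.1.40112 > 192.0.2.53.53: 4321+ A? example.com. (29)
12:00:01.200000 IP 192.168.1.50.51234 > 203.0.113.8.53: 1111+ A? example.org. (29)
12:00:01.300000 IP 203.0.113.8.53 > 192.168.1.50.51234: 1111 1/0/0 A 198.51.100.7 (45)
12:00:02.000000 IP 192.168.1.50.51240 > 203.0.113.9.53: 2222+ AAAA? example.org. (29)
12:00:02.500000 IP 192.168.1.77.60000 > 192.168.1.1.53: 3333+ A? example.net. (29)
12:00:03.000000 IP 192.168.1.50.51241 > 203.0.113.8.53: Flags [S], seq 1, win 64240, length 0
12:00:04.000000 IP6 fd00::50.51300 > 2001:db8::53.53: 5555+ A? example.com. (29)
"""

# tcpdump prints "host.port"; the greedy host group backtracks to the last dot,
# so this handles both IPv4 and IPv6 addresses.
LINE = re.compile(r"^\S+ IP6? (\S+)\.(\d+) > (\S+)\.(\d+):")


def unexpected_dns(lines, allowed=ALLOWED_RESOLVERS):
    """Return {source: {destination: packet_count}} for packets sent to
    port 53 (UDP queries or TCP segments) on hosts not in `allowed`."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an IP/IP6 packet line
        src, _sport, dst, dport = m.groups()
        if dport != "53" or dst in allowed:
            continue  # a response, or a query to a resolver you defined
        hits[src][dst] += 1
    return {src: dict(dsts) for src, dsts in hits.items()}


if __name__ == "__main__":
    # Read piped tcpdump output if present, otherwise use the sample.
    lines = sys.stdin if not sys.stdin.isatty() else SAMPLE.splitlines()
    for src, dsts in sorted(unexpected_dns(lines).items()):
        for dst, count in sorted(dsts.items()):
            print(f"{src} -> {dst}:53  {count} packet(s)")
```

Feed it a saved capture with `tcpdump -n -r capture.pcap port 53 | python3 dns_check.py` (the file names are placeholders). Plain port 53 traffic is all it sees, so encrypted DNS on other ports will not appear in the report.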