grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
Posted: Tue Nov 12, 2013 11:17 am Post subject: unbound blocked by ISP?

unbound won't work in the last couple of hotels I've stayed in. Is this likely due to the ISP blocking port 53? Is there anything I can do about this or am I stuck with their DNS?

eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9678 Location: almost Mile High in the USA
Posted: Tue Nov 12, 2013 4:19 pm Post subject:

I was wondering what unbound is; it's net-dns/unbound and is a DNS server.
However, DNS can't really be blocking port 53 for outgoing, it'd break everything as everything relies on DNS. Incoming however, even a simple NAT will block it.
I don't see why you can't run your own caching DNS server though since there shouldn't be incoming DNS. Are you sure your config still works? Why are you using a caching DNS server for a single machine?
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?

grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
Posted: Wed Nov 13, 2013 1:18 pm Post subject:

Quote: However, DNS can't really be blocking port 53 for outgoing, it'd break everything as everything relies on DNS.
Good point, but maybe the ISP is blocking outgoing DNS to all except their own DNS servers? Is that done sometimes? I'm at a residence now and unbound works without any change in config.
Quote: Are you sure your config still works?
It actually should (and used to) work without any configuration. I checked unbound.conf but I don't see anything that could help.
Quote: Why are you using a caching DNS server for a single machine?
Please correct me if I'm wrong, but doesn't caching reduce the number of outgoing DNS requests from the single machine?

eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9678 Location: almost Mile High in the USA
Posted: Wed Nov 13, 2013 2:12 pm Post subject:

Yes, it's also possible that ISPs block all requests to DNS servers outside their network, possibly because it's needed to make captive portals work.
I thought single machines with a modern OS will cache DNS entries at least for a short while. Depending on TTL given by the DNS server, it will drop DNS lookups, but a caching server should also drop them too. I just sniffed my ether and it looks like this is the case, my Linux box appears to self cache some lookups, multiple lookups in succession don't appear to send out another DNS request unless the TTL for the entry is really short (like google...).
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
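
An added example, not part of any post in this thread: a small Python probe for telling apart the cases discussed above (outbound port 53 dropped for servers outside the ISP, or silently redirected to the ISP's own resolver). Assumptions: 198.41.0.4 (a.root-servers.net) stands in for the outside servers a recursive resolver such as unbound contacts first, 192.0.2.1 is an RFC 5737 documentation address where no DNS server exists, and all function names are illustrative.

```python
import socket
import struct

ROOT_A = "198.41.0.4"    # a.root-servers.net: first stop for a recursive resolver
TEST_NET = "192.0.2.1"   # RFC 5737 TEST-NET-1: nothing legitimate answers here

def build_query(name, txid, recurse=False):
    """Encode a minimal DNS query for `name` (QTYPE=NS, QCLASS=IN)."""
    flags = 0x0100 if recurse else 0x0000          # RD bit only when asked
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 2, 1)

def parse_reply(data, txid):
    """Return (rcode, answer_count), or None if this is not a reply to txid."""
    if len(data) < 12:
        return None
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:          # wrong id, or QR bit not set
        return None
    return flags & 0x000F, an

def probe(server, name=".", txid=0x4242, timeout=3.0):
    """Send one UDP query to server:53; None means silence or a send error."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            data, _ = s.recvfrom(4096)
        except OSError:                            # includes socket timeouts
            return None
    return parse_reply(data, txid)

def verdict(root_reply, testnet_reply):
    """Interpret one probe of a real outside server and one of TEST-NET."""
    if testnet_reply is not None:
        return "intercepted"   # something on the path answers all port-53 traffic
    if root_reply is None:
        return "blocked"       # or plain packet loss: repeat before concluding
    return "open"

if __name__ == "__main__":
    print(verdict(probe(ROOT_A), probe(TEST_NET)))
```
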

grant123 Veteran
Joined: 23 Mar 2005 Posts: 1080
Posted: Thu Nov 14, 2013 12:07 pm Post subject:

Quote: Why are you using a caching DNS server for a single machine?
Is there a better (non-caching) choice for a single machine?