
> You can, but if it can't resolve, it will fall back to Google's resolver automatically. At least this is what happened on my model.

I built my own router with a Raspberry Pi. I installed Pi-hole and use that as a DNS resolver. I then use an iptables rule to NAT / forward all DNS traffic on port 53 to the Pi-hole resolver, similar to how ISPs often intercept DNS requests. This prevents IoT devices from bypassing the DNS server configured via my DHCP. Letting Pi-hole block the requests helps prevent errors from DNS request timeouts.
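
The port-53 redirect described in the comment above, as an added example that is not part of the original thread or the commenter's own rules. The interface name `eth1`, the address `192.168.1.2`, and the function name `dns_redirect_rules` are assumptions; the function only prints the rules so they can be reviewed before being applied as root.

```shell
#!/bin/sh
# Added example: emit iptables commands that force LAN DNS through Pi-hole.
# Interface name and addresses below are constructed sample values.
# The function only prints rules; review them, then pipe to `sh` as root.

dns_redirect_rules() {
    lan_if=$1     # LAN-facing interface of the router (assumed name)
    resolver=$2   # IPv4 address of the Pi-hole resolver
    on_router=$3  # "yes" when Pi-hole runs on the router itself

    # Refuse anything that is not a plain interface name or dotted address,
    # since the output is meant to be fed to a root shell.
    case $lan_if in ''|*[!A-Za-z0-9._-]*)
        echo "invalid interface: $lan_if" >&2; return 1 ;;
    esac
    case $resolver in ''|*[!0-9.]*)
        echo "invalid resolver address: $resolver" >&2; return 1 ;;
    esac

    for proto in udp tcp; do
        if [ "$on_router" != yes ]; then
            # Pi-hole on a separate LAN host: exempt its own upstream
            # lookups, otherwise they would be redirected back to itself.
            echo "iptables -t nat -A PREROUTING -i $lan_if -s $resolver -p $proto --dport 53 -j RETURN"
        fi
        # Rewrite every other port-53 query, whichever resolver the
        # device has hard-coded, so it lands on Pi-hole.
        echo "iptables -t nat -A PREROUTING -i $lan_if ! -d $resolver -p $proto --dport 53 -j DNAT --to-destination $resolver:53"
        if [ "$on_router" != yes ]; then
            # Client and resolver share the LAN: masquerade so replies
            # return via the router and the DNAT is reversed. Pi-hole
            # then sees the router as the source of redirected queries.
            echo "iptables -t nat -A POSTROUTING -o $lan_if -d $resolver -p $proto --dport 53 -j MASQUERADE"
        fi
    done
}

# Sample run: Pi-hole installed on the router itself.
dns_redirect_rules eth1 192.168.1.2 yes
```

These rules only see plaintext DNS on port 53, which is the limitation the reply below raises.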



DNS over HTTP has screwed this up.

I'm just waiting for smart devices to start doing that instead, forcing me to set up full SSL filtering until they start doing encrypted SNI :/


True, although then I’d lose trust in the devices and wouldn’t want to use them by that point anyway.


This method works really well.



