Closed agneevX closed 1 year ago
Thanks for the post. When you use a domain name as the forwarder, the DNS server will perform recursive resolution to try to resolve it to an IP address. But in your case, the recursive resolution is not working due to network issues, which is why you see this in the error:
TechnitiumLibrary.Net.Dns.DnsClientException: No IP address was found for name server: one.one.one.one
Recursive resolution does not work for many networks since ISPs keep hijacking/filtering DNS requests.
It works if I specify the IP address of the resolver in ().
Which is why you will need to enter the IP addresses manually in those round brackets.
Obviously the point of a hostname is that the underlying IP can change anytime, so specifying IPs after doing a manual lookup is not appropriate.
The IP address for the service you are using is static (1.1.1.1) in this case. Also, IP addresses used for DNS servers are always static, and all DNS server config anywhere always requires an IP address; otherwise it's a chicken-or-the-egg issue when resolving a domain name.
Being able to configure a domain name as a forwarder is a special feature that the DNS server supports since it has a built-in capability to perform recursive resolution.
Recursive resolution does not work for many networks since ISPs keep hijacking/filtering DNS requests.
That is true in my case; however, shouldn't it still be able to resolve the domain, even if hijacked?
The IP address for the service you are using is static (1.1.1.1) in this case.
Yeah, that was an example I provided. The actual name servers I intend to use change their IPs.
Recursive resolution does not work for many networks since ISPs keep hijacking/filtering DNS requests.
That is true in my case; however, shouldn't it still be able to resolve the domain, even if hijacked?
It depends on how your ISP is restricting DNS. They may be dropping requests that go to root servers, for example, which will cause issues with recursive resolution.
The IP address for the service you are using is static (1.1.1.1) in this case.
Yeah, that was an example I provided. The actual name servers I intend to use change their IPs.
It's a strange thing to host DNS on a dynamic IP address. Since your ISP is giving issues with recursive resolution, you can use a conditional forwarder zone to resolve the domain name in the DoH URL.
For example, if your DoH URL that you use as forwarder is https://doh.example.com/dns-query, then create a conditional forwarder zone for doh.example.com with DNSSEC validation disabled and the IP address of any DNS server that works from your network as the forwarder. You may use 1.1.1.1, 8.8.8.8, or DNS servers provided by your ISP itself. With this setup, the DNS server will resolve doh.example.com using the conditional forwarder and then resolve all other domain names using the DoH forwarder.
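The two-step bootstrap described in the reply above, as an added Python example that is not part of the thread or of the DNS server's own code: step 1 looks up the DoH hostname over plain DNS at a forwarder given by IP, and step 2 connects to that address while still verifying the certificate against the hostname, so a forged bootstrap answer fails the TLS handshake instead of silently redirecting queries. The function names are hypothetical and the sample response (192.0.2.53) is constructed.

```python
import secrets, socket, ssl, struct

def build_query(name, qid):  # RFC 1035 A/IN query with the RD flag set
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    # header, QNAME, root label, QTYPE=A, QCLASS=IN
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def _skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)           # pointer is 2 bytes, root label is 1

def parse_a_records(msg):
    """IPv4 addresses from the answer section; other record types (CNAME) are skipped."""
    _, flags, qd, an, _, _ = struct.unpack("!6H", msg[:12])
    if flags & 0x000F:
        raise ValueError(f"bootstrap lookup failed, RCODE {flags & 0x000F}")
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4            # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def bootstrap(host, server_ip, timeout=3.0):
    """Step 1: plain UDP/53 lookup of the DoH hostname at a forwarder given by IP."""
    query = build_query(host, secrets.randbelow(1 << 16))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server_ip, 53))
        resp, _ = s.recvfrom(4096)
    if resp[:2] != query[:2]:
        raise ValueError("transaction ID mismatch")
    return parse_a_records(resp)

def doh_connect(host, ip, timeout=5.0):
    """Step 2: TLS to the bootstrapped IP, certificate still verified against the hostname."""
    raw = socket.create_connection((ip, 443), timeout=timeout)
    return ssl.create_default_context().wrap_socket(raw, server_hostname=host)

# Constructed sample: answer to an A query for doh.example.com -> 192.0.2.53 (TEST-NET-1)
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
          + build_query("doh.example.com", 0x1234)[12:]
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton("192.0.2.53"))
```

`parse_a_records(SAMPLE)` runs offline; `bootstrap("doh.example.com", "1.1.1.1")` needs a network path to the chosen forwarder.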
Ok, thanks!
Hello.
I get an error when using any secure DNS that has a hostname.
It works if I specify the IP address of the resolver in ().
Obviously the point of a hostname is that the underlying IP can change anytime, so specifying IPs after doing a manual lookup is not appropriate.