peterlee0127 / DNS-Security-iOS

The First iOS app with DNS over HTTPS and DNS over TLS in iOS 14. http://dns-security.peterlee.app/getapp
http://dns-security.peterlee.app/

Maybe ipv6 leak? #4

Closed gregor-hh closed 4 years ago

gregor-hh commented 4 years ago

Hello Peter, me again. I saw something strange.

I am currently using dot-cloudflare through cellular, see image: FC97AF1B-CD45-4E96-86B8-69DDB54FCB75

A test on dnsleaktest.com looks good. See image: 877D55E0-0EE7-4020-915B-C8BF402543D9

But when I open a shell (iSH) on the iPhone and run nslookup, an IPv6 DNS server is taken from my cellular provider. See image: 915D4CEC-8730-406A-8946-7140D090799F

Is this normal behavior? Maybe DoT or DoH is only used in Safari or "browsers" in iOS?

Best regards

peterlee0127 commented 4 years ago

Hi, DoH/DoT will work system-wide. For Cloudflare testing, you can use the official tool: https://1.1.1.1/help

I also get a strange result from the iSH app. Maybe you can ask them? Do they use some proxy/DNS settings in the app? https://github.com/ish-app/ish

The app's DNS resolver is in /etc/resolv.conf.
https://github.com/ish-app/ish/blob/fba8a02afec56fbd1ecfb2dac72651d1f6999a0e/app/AppDelegate.m#L146

I think this app doesn't use the standard DNS resolver in iOS. It uses the Linux system settings.

```
# from ish app.
# I change the dns server in /etc/resolv.conf
Peter-iPad:~# cat /etc/resolv.conf
nameserver 1.1.1.1
Peter-iPad:~# nslookup one.one.one.one
Server:         1.1.1.1
Address:        1.1.1.1:53

Non-authoritative answer:
Name:   one.one.one.one
Address: 1.0.0.1
Name:   one.one.one.one
Address: 1.1.1.1

Non-authoritative answer:
Name:   one.one.one.one
Address: 2606:4700:4700::1111
Name:   one.one.one.one
Address: 2606:4700:4700::1001
```

gregor-hh commented 4 years ago

Hello, Thank You for the detailed explanation.

I have another app (Net Analyzer) and apparently another function / method for DNS resolution is used there. The DNS servers passed by the cellular provider are also used here by default.

So it seems that the app developers must first adjust to the new standard for resolving DNS queries.

Your App is fine👍👍 Thank You very much. It can be closed

best regards
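
An added example, not part of the thread or of either project's code: a small check that reads the header of an `nslookup` transcript like the one posted above and reports which resolver the tool actually contacted, and whether it did so on the plaintext DNS port. The `EXPECTED` allowlist, the function names and the carrier sample (documentation prefix `2001:db8::/32`) are assumptions made for illustration.

```python
import ipaddress

# Assumption: the resolvers the DoT/DoH profile is meant to use (Cloudflare, as in the thread).
EXPECTED = {ipaddress.ip_address(a) for a in (
    "1.1.1.1", "1.0.0.1", "2606:4700:4700::1111", "2606:4700:4700::1001")}

# Header and first answer of the nslookup output posted in the thread.
THREAD_SAMPLE = ("Server:         1.1.1.1\nAddress:        1.1.1.1:53\n\n"
                 "Non-authoritative answer:\nName:   one.one.one.one\nAddress: 1.0.0.1\n")

# Constructed sample: a carrier-assigned IPv6 resolver, as described in the first post.
CARRIER_SAMPLE = ("Server:         2001:db8::53\nAddress:        [2001:db8::53]:53\n\n"
                  "Non-authoritative answer:\nName:   one.one.one.one\nAddress: 1.1.1.1\n")

def split_host_port(text):
    """Accept 'v4:port', '[v6]:port', 'addr#port' (BIND style) or a bare address."""
    text = text.strip()
    if text.startswith("["):
        host, _, rest = text[1:].partition("]")
        port = rest.lstrip(":#")
    elif "#" in text:
        host, _, port = text.partition("#")
    elif text.count(":") == 1:
        host, _, port = text.partition(":")
    else:  # bare IPv4 or IPv6 address, no port shown
        host, port = text, ""
    return ipaddress.ip_address(host), int(port or 53)  # nslookup defaults to port 53

def resolver_used(output):
    """Return (address, port) from the header block, ignoring answer 'Address:' lines."""
    header = output.replace("\r\n", "\n").strip().split("\n\n", 1)[0].splitlines()
    fields = dict(line.split(":", 1) for line in header if ":" in line)
    return split_host_port(fields.get("Address") or fields["Server"])

def audit(output, expected=EXPECTED):
    """Flag a resolver outside the allowlist and any query sent on port 53."""
    addr, port = resolver_used(output)
    findings = []
    if addr not in expected:
        findings.append("unexpected-resolver")
    if port == 53:  # classic DNS port: the query left the tool unencrypted
        findings.append("plaintext-dns")
    return addr, port, findings
```

Run against the thread's own transcript, the check reports `plaintext-dns` even though the server is 1.1.1.1: editing `/etc/resolv.conf` changes which resolver the tool asks, not whether the query is encrypted.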