I’m using e/os and I want to be sure that, when connected to my local network, my local DNS server is used. However, no matter what I do, my phone always uses Google’s one. Is there any way to fix this?

  • brvslvrnst@lemmy.ml · ↑ 7 · 6 days ago

    My approach: enforce redirect on my network of all DNS queries to my router (that are hitting :53).

    It has worked so far 🙂

    • Blackbeard@europe.pub (OP) · ↑ 2 · 5 days ago

      That’s quite drastic but maybe the only really effective one. I still find all of this very difficult to believe. I mean, am I wrong if I say that DNS is fundamental to be sure your traffic is safe? But even more weird…I’m using e/os, which is supposed to be focused on privacy and “degoogling” of our life but…it uses Google DNS? I’m also worried I might not be understanding what is really happening here, that an app I used changed the DNS settings on my mobile.

  • wasu@lemmy.world · ↑ 4 · 6 days ago

    Not sure about e/OS but generally on android you can set DNS when connecting to Wifi.
    So you should be able to change that in Settings » WIFI » [Your local network] » DNS

    • Blackbeard@europe.pub (OP) · ↑ 1 · 6 days ago

      Did you ever test it? Because on any Android device I’ve got, it always “defaults” to 8.8.8.8 - Google’s one. I have to connect to a VPN to get local IPs being resolved. I just don’t get it, is this normal?

      • wasu@lemmy.world · ↑ 2 · 6 days ago

        I don’t have a custom DNS server configured, but that’s what I tested:

        • Went to Settings » Connections and Share » Private DNS - made sure it is off (it takes priority when set)
        • Went to Settings » WiFi » [My local network] » DNS1 and entered my router’s IP

        After that it started to use my ISP’s DNS servers (preconfigured in router) instead of CloudFlare 1.1.1.1 (what was default on my Android when connecting to WiFi).

        • Blackbeard@europe.pub (OP) · ↑ 1 · 5 days ago

          Yes but how do you know that it is using that? I mean, did you try to resolve a local address? I have tested it using a terminal (Termux) - If I use did and seems to report all the time, regardless of which connection and despite setting my local DNS setting on a static configuration for the wifi. Is this the same for you? Can you share some screenshot?

          • wasu@lemmy.world · ↑ 1 · 5 days ago

            I visited http://ipleak.net/ to check which dns is used.
            In Termux nslookup will use 8.8.8.8, but I suspect it takes it from Termux environment that doesn’t sync with android settings.

            • Blackbeard@europe.pub (OP) · ↑ 1 · 5 days ago

              Are you sure? I believe that using ipleak.net will provide you with a detailed report of your public IP address, DNS servers, WebRTC status, and other network-related information. However, it will not show you the internal DNS server you are using within your local network.

              You are right that Android’s system-wide DNS settings (e.g., those configured in Wi-Fi or mobile network settings) are not automatically applied to Termux. Termux runs in a sandboxed environment and manages its own network configuration. I will try changing Termux but keep in mind that the reason I checked Termux is because local DNS resolution does not work on all my Android devices. I can resolve local addresses only if I connect to my home network remotely using a VPN.

              • wasu@lemmy.world · ↑ 1 · 5 days ago

                I believe that using ipleak.net […] will not show you the internal DNS server you are using within your local network.

                You’re right. It won’t show internal one. As I mentioned I don’t have internal DNS server set up, so I only used it to check whether changing DNS in wifi settings will actually take effect, and it did. That’s why I believe setting it to internal one should take effect as well.

                I may try to set up custom DNS in my local network when I have some free time.

                • wasu@lemmy.world · ↑ 1 · 5 days ago

                  Ok, I did test it.

                  1. I set up DNS server on my PC using Technitium.
                  2. I add zone a.local and add record with device A’s IP.
                  3. I add zone b.local and add record with device B’s IP.
                  4. On device A (Android 11) I go to Settings » WiFi and set DNS to PC’s IP.
                  5. On device B (Android 13) I go to Settings » WiFi and:
                    • Change IP to static
                    • Change both DNS1 and DNS2 to PC’s IP.
                  6. I ran some file served over http on both devices.
                  7. I visit http://a.local/ on device B ❯ A’s Files accessed
                  8. I visit http://b.local/ on device A ❯ B’s Files accessed

                  Everything works.

                  Note:

                  • It took the DNS server about 1 min to add the records (idk why).
                  • It seems devices cache NAME_NOT_RESOLVED so if it failed it will be cached as such for at least a few minutes.
    • Blackbeard@europe.pub (OP) · ↑ 1 · 5 days ago

      Why does this matter? Is it possible to use your local DNS IP as private DNS? I have tried and it didn’t accept a local IP address.

    • thelittleblackbird@lemmy.world · ↑ 4 · 6 days ago

      I had the same problem in my network and the solution is not easy.

      Many, but many android apps are using Google dns servers just to leak the location of the phone (using the nearest geographical Google server).

      The only way I found was to install an OPNsense router and redirect requests to port 53 to the internal DNS server.

      DoT (DNS over TLS) is blocked because it can not be redirected.

      DoH (DNS over HTTPS) is (almost) impossible to block and still is a hole in current systems.

      Good luck solving this

      • Engywook@lemmy.zip · ↑ 3 · 6 days ago

        You can block DoH by using a comprehensive blocklist of DoH domains. Both NextDNS and ControlD do this.

        • thelittleblackbird@lemmy.world · ↑ 1 · 6 days ago

          Yep, I checked that possibility too but it is like putting barriers into the sea because:

          • DoH can also share the IP-PORT with some legit websites
          • there is not a proper way to scan the web to see if there is a proper service
          • the effort to set up one is orders of magnitude lower than to track them and then to filter it properly

          Honestly it is just the prey-predator competition. It won’t stop ever.
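
The gateway policy discussed in this subthread (redirect port 53, drop DoT, blocklist DoH), written out as an added example that is not code from any poster, with the flow that slips through it. The resolver address 192.168.1.1 and the four-entry endpoint list are assumptions standing in for a real setup, and the sample flows are constructed.

```python
import ipaddress

# Assumptions for this sketch: the LAN resolver address and a tiny stand-in
# for a DoH blocklist (real lists carry thousands of hostnames and IPs).
LOCAL_RESOLVER = ipaddress.ip_address("192.168.1.1")
DOH_ENDPOINTS = {ipaddress.ip_address(a)
                 for a in ("8.8.8.8", "8.8.4.4", "1.1.1.1", "1.0.0.1")}


def classify(proto, dst, dport):
    """Return the gateway action for one outbound flow from a LAN client."""
    dst = ipaddress.ip_address(dst)
    if dport == 53 and proto in ("udp", "tcp"):
        # Plain DNS is unauthenticated, so NAT can rewrite the destination
        # and the client still accepts the answer.
        return "allow" if dst == LOCAL_RESOLVER else "redirect"
    if dport == 853:
        # DoT validates the server certificate; a redirected session would
        # fail the handshake, so the only option is to drop it.
        return "block-dot"
    if proto == "tcp" and dport == 443 and dst in DOH_ENDPOINTS:
        return "block-doh"
    # Anything else on 443 is indistinguishable from ordinary HTTPS here.
    return "allow"


SAMPLE_FLOWS = [  # constructed flows, not captured traffic
    ("udp", "192.168.1.1", 53),    # client already using the local resolver
    ("udp", "8.8.8.8", 53),        # hardcoded public resolver, plain DNS
    ("tcp", "1.1.1.1", 853),       # DoT
    ("tcp", "8.8.8.8", 443),       # DoH to an endpoint on the list
    ("tcp", "203.0.113.10", 443),  # DoH on an unlisted host (TEST-NET-3)
]


def audit(flows):
    """Classify every (proto, dst, dport) flow in order."""
    return [classify(*flow) for flow in flows]


if __name__ == "__main__":
    for flow, action in zip(SAMPLE_FLOWS, audit(SAMPLE_FLOWS)):
        print(flow, "->", action)
```

The last flow comes back as "allow": a DoH server on an address the list does not know looks like any other HTTPS connection, which is the gap described above.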

    • Blackbeard@europe.pub (OP) · ↑ 4 · 6 days ago

      Like every other device I suppose…but it doesn’t work on any mobile I’ve got. The DNS server stays Google’s one no matter what you do.