Sorry Telstra but this is my F@ST 5355 router:
Roughly a week ago I decided to give https://pi-hole.net/ a go having endured yet another ad laden website. All went we'll[sic], installation was smooth and was up and running 15 minutes later.
All that remained was to set my routers(sic) DNS server to the pi's and my home devices would be safe. I remember seeing the option in there for it.
WTF, it was now disabled. A quick google around revealed that about a year ago (June 2017) Telstra simply decided to remove that functionality.
Surely it had nothing to do with the Australian government implementing DNS based censorship in June 2017?
So fuck you Telstra, that's my router you made me purchase. Time to find out how to take it back.
(Score: 4, Insightful) by DannyB on Monday July 20 2020, @02:57PM (3 children)
In 1999 before there was such a thing as off the shelf routers that had NAT, I had to make my first Linux box do the NAT, DHCP, and DNS, plus a few other services.
What if you set up a Pi to provide maybe a 2nd level of NAT, with DHCP and your own DNS resolver that resolved from your choice of outside DNS?
The lower I set my standards the more accomplishments I have.
(Score: 2, Interesting) by Anonymous Coward on Monday July 20 2020, @05:30PM (2 children)
This is basically what I do.
I have a PiHole and set the IP address of the PiHole as the DNS in DHCP requests. PiHole then has it's DNS set to the Ubiquiti Router. Ubiquiti router then has an external DNS server set. I then block port 53 unless it is coming from my PiHole IP address.
This forces everything on my network to use the PiHole whether it likes it or not for DNS.
(Score: 2) by DECbot on Monday July 20 2020, @07:41PM (1 child)
It won't be too long before the IoT devices will hard code VPNs into the device to ensure the manufacturer's DNS servers are used and ads appear as the manufacturer desired.
cats~$ sudo chown -R us /home/base
(Score: 0) by Anonymous Coward on Tuesday July 21 2020, @05:28AM
You’ve seen previous stories about DNS-over-HTTPS. Blocking port 53 is last decade’s solution.