zlacker

[return to "Does Cloudflare’s 1.1.1.1 DNS Block Archive.is? (2019)"]
1. Goz3rr+mm[view] [source] 2023-08-02 15:19:08
>>lolind+(OP)
If you're using a Pi-hole for your DNS (or anything else using dnsmasq I suppose), I worked around the issue by creating /etc/dnsmasq.d/02-archive.is.conf (with a Docker bind mount in my case) with the following content:

    server=/archive.today/8.8.8.8
    server=/archive.today/8.8.4.4
    server=/archive.ph/8.8.8.8
    server=/archive.ph/8.8.4.4
    server=/archive.is/8.8.8.8
    server=/archive.is/8.8.4.4
    server=/archive.li/8.8.8.8
    server=/archive.li/8.8.4.4
    server=/archive.vn/8.8.8.8
    server=/archive.vn/8.8.4.4
    server=/archive.fo/8.8.8.8
    server=/archive.fo/8.8.4.4
    server=/archive.md/8.8.8.8
    server=/archive.md/8.8.4.4
    server=/archive.to/8.8.8.8
    server=/archive.to/8.8.4.4
This way you use 1.1.1.1 for everything, except the domains listed above where it uses Google DNS instead.
◧◩
2. croes+Gw[view] [source] 2023-08-02 16:02:17
>>Goz3rr+mm
And you leak your location, don't you?
◧◩◪
3. stock_+JY[view] [source] 2023-08-02 17:58:16
>>croes+Gw
In addition to what others mentioned, typically EDNS0 edns-client-subnet is truncated before forwarding.

For example in unbound the defaults, when EDNS0 is enabled (disabled by default), are:

  max-client-subnet-ipv6: 56
  max-client-subnet-ipv4: 24
Forwarding can also be conditionally enabled for specific clients, upstream servers, specific zones, etc.

ref: https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound...

[go to top]