Join Log in
Score:-1
M9A avatar Server

Secondary public DNS server preferred over local DNS server

cn flag
M9A

I have created a local DNS server using BIND9. It is just a simple DNS server that forwards queries to 1.1.1.1. When I use this as the only manual DNS server on my iOS device, it works fine. However when I add a secondary DNS server such as 8.8.8.8 as a failover, the secondary server always gets preferred. I read that this could be because of iOS preferring servers that support DoH/DoT, but could this actually be the case if I am using an IP address (8.8.8.8) instead of a domain name. I thought DoT/DoH servers required clients to use their domain name. Has someone else encountered this issue and been successful in resolving it?

42
0 + 9
cn flag
Greg Askew
`my iOS device` what is the results with your other endpoint types?
0
Reply
M9A avatar
cn flag
M9A
On Windows and Android devices which I have checked on, the primary DNS server is always preferred
0
Reply
cn flag
Greg Askew
It seems simpler to state that iPhones are not working with the DNS server.
0
Reply
M9A avatar
cn flag
M9A
But why does it work in iOS if it is the only DNS server but once I add a public server as secondary then iOS seems to pick the public one every single time even though its the secondary one
0
Reply
cn flag
Greg Askew
What does a packet capture show?
1
Reply
M9A avatar
cn flag
M9A
I can see requests being made to _dns.resolver.arpa but that’s all. Everything else is clearly going to the public server
0
Reply
cn flag
Greg Askew
I believe that even Windows 10 by default now may query all DNS servers and use the first response. That is a feature and has been discussed frequently on SuperUser. Not sure if iPhones have a similar feature. That client default lack of determinism and if it is configurable like Windows is probably off topic for this forum though. Also it's unorthodox for a business to co mingle internal and external DNS for endpoints, that is usually not a good practice.
0
Reply
M9A avatar
cn flag
M9A
What do you mean by using the first response? Is this the one that returns a response the quickest? Do you think it could be to do with DoH/DoT as the iOS client gives preference to that?
0
Reply
cn flag
Greg Askew
I mean this iPhone client behavior may be a better fit for SuperUser.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.