I don't know where DNS Encryption occur?

jade_light
updated 3 yrs ago
1reply

Here is the NEXTDNS Logs from Pi. I'm using nextdns Debian Based Distribution on the Pi using WiKi . I can see dns encrypted on Nextdns Website but when I run wireshark it is not encrypted. I attached the pictures, Maybe I did something wrong? Thank you.

root@raspberrypi:/home/rk# nextdns log
Feb 28 21:59:02 raspberrypi systemd[1]: Started NextDNS DNS53 to DoH proxy..
Feb 28 21:59:02 raspberrypi nextdns[557]: Starting NextDNS 1.10.1/linux on :53
Feb 28 21:59:02 raspberrypi nextdns[557]: Starting mDNS discovery
Feb 28 21:59:02 raspberrypi nextdns[557]: Listening on TCP/:53
Feb 28 21:59:02 raspberrypi nextdns[557]: Listening on UDP/:53
Feb 28 21:59:03 raspberrypi dhcpcd[574]: dhcp6_dump: eth0: No such file or direc tory
Feb 28 21:59:03 raspberrypi nextdns[557]: Connected 45.90.28.0:443 (con=24ms tls =261ms, TLS13)
Feb 28 21:59:03 raspberrypi nextdns[557]: Connected 191.96.51.196:443 (con=24ms tls=39ms, TLS13)
Feb 28 21:59:03 raspberrypi nextdns[557]: Switching endpoint: https://dns.nextdn s.io.#191.96.51.196,2602:ff62:181:2d6::,45.76.16.236,2001:19f0:5c01:1ebc:5400:2f f:fece:28ed
Feb 28 21:59:07 raspberrypi nextdns[557]: Setting up router
Feb 28 21:59:07 raspberrypi nextdns[557]: Activating
Feb 28 22:00:29 raspberrypi nextdns[557]: Query 192.168.20.1 UDP A stun.services .mozilla.com. (qry=43/res=12) 23ms : doh resolve: read tcp 192.168.20.5:58012->1 91.96.51.196:443: read: connection reset by peer
Feb 28 22:00:29 raspberrypi nextdns[557]: Received signal: broken pipe (ignored)
Feb 28 22:00:34 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=0ms tl s=0ms, )
Feb 28 22:01:19 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=20ms t ls=56ms, TLS13)
Feb 28 22:02:07 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=24ms t ls=54ms, TLS13)
Feb 28 22:03:55 raspberrypi nextdns[557]: Connected 191.96.51.196:443 (con=0ms t ls=39ms, TLS13)
Feb 28 22:05:21 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=23ms t ls=54ms, TLS13)
Feb 28 22:09:02 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=21ms t ls=57ms, TLS13)
Feb 28 22:10:04 raspberrypi nextdns[557]: Connected 191.96.51.196:443 (con=23ms tls=55ms, TLS13)
Feb 28 22:14:05 raspberrypi nextdns[557]: Connected 191.96.51.196:443 (con=23ms tls=59ms, TLS13)
Feb 28 22:14:57 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=24ms t ls=51ms, TLS13)
Feb 28 22:16:06 raspberrypi nextdns[557]: Connected 45.76.16.236:443 (con=24ms t ls=53ms, TLS13)
root@raspberrypi:/home/rk#

Security

- Zap
- 3 yrs ago
- Reported - view
You're running DoH proxy on your Pi and you're are looking at the traffic between your PC and your Pi in your local network.

It's like, nextDNS PoP <---------------DoH------------> Pi <-------DNS over UDP/TCP (Plain DNS) ---------> Your PC.

Content aside

3 yrs agoLast active
1Replies
133Views
2 Following

I don't know where DNS Encryption occur?

1 reply

Content aside

Home

Tags