Discussion:
DNS under another login?
(too old to reply)
CALAMITYJANE
2022-07-09 03:32:01 UTC
Permalink
Ok, I pay for a connection to wifi in a group using the same ISP.

I have the router PW and can access most of the settings.

What I have not been able to do is change the DNS Server.
It appears to be under another login than the one for the router.
Not sure why this is because I have access to all the other settings.

How do I change the DNS server to something that does not go through the
ISP? I am occasionally getting blocked by network messages, not sure
why. Will try to attach jpg screenshot.

Ok getting error message on attachment. Try looking here: (crap nntp
server)

Loading Image...
Jeff Liebermann
2022-07-10 06:08:34 UTC
Permalink
On Sat, 9 Jul 2022 03:32:01 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Ok, I pay for a connection to wifi in a group using the same ISP.
I have the router PW and can access most of the settings.
What I have not been able to do is change the DNS Server.
It appears to be under another login than the one for the router.
Not sure why this is because I have access to all the other settings.
How do I change the DNS server to something that does not go through the
ISP? I am occasionally getting blocked by network messages, not sure
why. Will try to attach jpg screenshot.
Ok getting error message on attachment. Try looking here: (crap nntp
server)
https://i.postimg.cc/mDCwsqt2/GLOBEROUTERDNSSETTING2edited.jpg
Notice the light gray color of all the IP settings including DNS. That
*MIGHT* mean that it's locked by a password, but more likely means
that the IP address, gateway, DNS, and netmask are set by the PPPoE
server. If those were set by the downstream DNS server, you *MIGHT*
be able to change them. However, I vaguely recall that with PPPoE,
you're stuck with whatever the PPPoE server provides. I don't have
any PPPoE (DSL) customers left, so I can't check if I'm right.

Why is this an issue? All you need to do is set your client
computer's DNS settings to whatever you want and you're done.
--
Jeff Liebermann ***@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558
CALAMITYJANE
2022-08-05 01:55:25 UTC
Permalink
Post by Jeff Liebermann
On Sat, 9 Jul 2022 03:32:01 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Ok, I pay for a connection to wifi in a group using the same ISP.
I have the router PW and can access most of the settings.
What I have not been able to do is change the DNS Server.
It appears to be under another login than the one for the router.
Not sure why this is because I have access to all the other settings.
How do I change the DNS server to something that does not go through
the ISP? I am occasionally getting blocked by network messages, not
sure why. Will try to attach jpg screenshot.
Ok getting error message on attachment. Try looking here: (crap nntp
server)
https://i.postimg.cc/mDCwsqt2/GLOBEROUTERDNSSETTING2edited.jpg
Notice the light gray color of all the IP settings including DNS. That
*MIGHT* mean that it's locked by a password, but more likely means
that the IP address, gateway, DNS, and netmask are set by the PPPoE
server. If those were set by the downstream DNS server, you *MIGHT*
be able to change them. However, I vaguely recall that with PPPoE,
you're stuck with whatever the PPPoE server provides. I don't have
any PPPoE (DSL) customers left, so I can't check if I'm right.
Why is this an issue? All you need to do is set your client
computer's DNS settings to whatever you want and you're done.
Thx your reply, sorry late getting back.

Why do they have a separate id and login after you've already logged
into the router?

Can you kindly explain what PPPoE is and how this applies to the
question?

To answer your question, I am occasionally getting "your internet
connection is blocked, check your firewall settings" and it acts like it
IS blocked locally but I never put in any rules to block it in the
windows or other firewall. This is an inconsistent message and only
appears on some browsers for some webpages and disappears when I use a
VPN to surf. That is why I suspect it's a DNS issue. I've tried changing
the DNS on the client browsers with no effect, but using a vpn
eliminates the error.
Jeff Liebermann
2022-08-05 11:42:31 UTC
Permalink
On Fri, 5 Aug 2022 01:55:25 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Post by Jeff Liebermann
On Sat, 9 Jul 2022 03:32:01 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Ok, I pay for a connection to wifi in a group using the same ISP.
I have the router PW and can access most of the settings.
What I have not been able to do is change the DNS Server.
It appears to be under another login than the one for the router.
Not sure why this is because I have access to all the other settings.
How do I change the DNS server to something that does not go through
the ISP? I am occasionally getting blocked by network messages, not
sure why. Will try to attach jpg screenshot.
Ok getting error message on attachment. Try looking here: (crap nntp
server)
https://i.postimg.cc/mDCwsqt2/GLOBEROUTERDNSSETTING2edited.jpg
Notice the light gray color of all the IP settings including DNS. That
*MIGHT* mean that it's locked by a password, but more likely means
that the IP address, gateway, DNS, and netmask are set by the PPPoE
server. If those were set by the downstream DNS server, you *MIGHT*
be able to change them. However, I vaguely recall that with PPPoE,
you're stuck with whatever the PPPoE server provides. I don't have
any PPPoE (DSL) customers left, so I can't check if I'm right.
Why is this an issue? All you need to do is set your client
computer's DNS settings to whatever you want and you're done.
Why do they have a separate id and login after you've already logged
into the router?
Logging into the router is quite different from logging into the
network. The router login give you access to the router. The ISP
PPPoE network login gives uses of the router access to the ISP's
network.
Post by CALAMITYJANE
Can you kindly explain what PPPoE is and how this applies to the
question?
Nope. I don't know anything about the topology (which boxes go where)
of your network or your ISP's. Normally, PPPoE gives either the
router or the users computer access to the ISP's network. Think of it
a login/password that demonstrates to the ISP's router that the user
(or the users modem/router) has the proper credentials to connect to
the ISP's router. PPPoE is most commonly built into the modem, but
can also be installed on the router, server, or client computer.

This article explains how it all should work, but might not be the
same as whatever your ISP is doing.
"Point-to-Point Protocol over Ethernet (PPPoE)"
<https://www.techtarget.com/searchnetworking/definition/PPPoE>
Post by CALAMITYJANE
To answer your question, I am occasionally getting "your internet
connection is blocked, check your firewall settings" and it acts like it
IS blocked locally but I never put in any rules to block it in the
windows or other firewall. This is an inconsistent message and only
appears on some browsers for some webpages and disappears when I use a
VPN to surf. That is why I suspect it's a DNS issue. I've tried changing
the DNS on the client browsers with no effect, but using a vpn
eliminates the error.
That sounds like the symptoms of incompatible MTU somewhere along the
path between the computer and some remote web server. This is rather
old, but does explain the problem:
<https://www.tp-link.com/us/support/faq/190/>
The problem is common when the packets go through IP tunnels (IPv4 ->
IPv6 and VPN).

Packet sizes issues can get complicated:
"Path MTU discovery in practice"
<https://blog.cloudflare.com/path-mtu-discovery-in-practice/>
--
Jeff Liebermann ***@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558
CALAMITYJANE
2022-08-08 02:22:42 UTC
Permalink
Post by Jeff Liebermann
On Fri, 5 Aug 2022 01:55:25 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Post by Jeff Liebermann
On Sat, 9 Jul 2022 03:32:01 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Ok, I pay for a connection to wifi in a group using the same ISP.
I have the router PW and can access most of the settings.
What I have not been able to do is change the DNS Server.
It appears to be under another login than the one for the router.
Not sure why this is because I have access to all the other
settings.
How do I change the DNS server to something that does not go through
the ISP? I am occasionally getting blocked by network messages, not
sure why. Will try to attach jpg screenshot.
Ok getting error message on attachment. Try looking here: (crap nntp
server)
https://i.postimg.cc/mDCwsqt2/GLOBEROUTERDNSSETTING2edited.jpg
Notice the light gray color of all the IP settings including DNS.
That *MIGHT* mean that it's locked by a password, but more likely
means that the IP address, gateway, DNS, and netmask are set by the
PPPoE server. If those were set by the downstream DNS server, you
*MIGHT* be able to change them. However, I vaguely recall that with
PPPoE, you're stuck with whatever the PPPoE server provides. I
don't have any PPPoE (DSL) customers left, so I can't check if I'm
right.
Why is this an issue? All you need to do is set your client
computer's DNS settings to whatever you want and you're done.
Why do they have a separate id and login after you've already logged
into the router?
Logging into the router is quite different from logging into the
network. The router login give you access to the router. The ISP
PPPoE network login gives uses of the router access to the ISP's
network.
Post by CALAMITYJANE
Can you kindly explain what PPPoE is and how this applies to the
question?
Nope. I don't know anything about the topology (which boxes go where)
of your network or your ISP's. Normally, PPPoE gives either the
router or the users computer access to the ISP's network. Think of it
a login/password that demonstrates to the ISP's router that the user
(or the users modem/router) has the proper credentials to connect to
the ISP's router. PPPoE is most commonly built into the modem, but
can also be installed on the router, server, or client computer.
This article explains how it all should work, but might not be the
same as whatever your ISP is doing.
"Point-to-Point Protocol over Ethernet (PPPoE)"
<https://www.techtarget.com/searchnetworking/definition/PPPoE>
Post by CALAMITYJANE
To answer your question, I am occasionally getting "your internet
connection is blocked, check your firewall settings" and it acts like
it IS blocked locally but I never put in any rules to block it in the
windows or other firewall. This is an inconsistent message and only
appears on some browsers for some webpages and disappears when I use a
VPN to surf. That is why I suspect it's a DNS issue. I've tried
changing the DNS on the client browsers with no effect, but using a
vpn eliminates the error.
That sounds like the symptoms of incompatible MTU somewhere along the
path between the computer and some remote web server. This is rather
<https://www.tp-link.com/us/support/faq/190/>
The problem is common when the packets go through IP tunnels (IPv4 ->
IPv6 and VPN).
"Path MTU discovery in practice"
<https://blog.cloudflare.com/path-mtu-discovery-in-practice/>
Ok thanks, took me a while but found out the MTU rate was too high on
this wifi connection so I lowered it. See if this helps or not. The old
router we had before same company you could change the DNS server at the
router. Not really sure it made a difference, but you seem to indicate I
can do the same thing on the client windows OS. But most browsers only
give you a choice of 1-2 dns servers to use or I have not found a way to
add my own custom FASTER DNS. I tried but I guess I don't have the right
syntax commands or maybe it's a alt.config setting. Could not find how
to do it. I do know that the DNS lookups are often exceeding ly slow on
my machine. SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
Jeff Liebermann
2022-08-09 05:02:50 UTC
Permalink
On Mon, 8 Aug 2022 02:22:42 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
I do know that the DNS lookups are often exceeding ly slow on
my machine. SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
Perhaps benchmarking your DNS lookups might be useful. I use this
tool (mostly because I'm too lazy to find something better):
<https://www.grc.com/dns/benchmark.htm>
Post by CALAMITYJANE
SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
It works for me on Windoze 10. The hosts file should be here:
C:\Windows\System32\Drivers\etc\hosts
The etc directory is hidden.

If you're using Firefox browser:
<https://www.liquidweb.com/kb/dns-hosts-file/>
"Firefox now uses DNS over HTTPS (or DOH) by default. That means
instead of checking your local hosts file or even your DNS resolver.
Firefox simply makes the DNS request over HTTPS from within the
browser."

Note that editing the hosts file will NOT change the name(s) of the
DNS server(s) used by your machine. It will only change the name to
IP address mapping. The actual names of the DNS servers are buried in
the registry or set by DHCP. If you want to use a different specific
DNS server, then either use the user friendly network config:
Settings -> Network & Internet -> Change Adapter Settings.
Then right-click on a connection and select:
Properties -> IPv4 -> Properties:
Select use the following DNS server address, fill in the blanks and
remember save before exiting (my favorite screwup).

Or, you can do it from the command line using netsh:
netsh
interface ip show config
Find the network interface name. Ethernet 0 is a common name:
interface ip set dns "Ethernet0" static 8.8.8.8
Replace the 8.8.8.8 above with your desired DNS server. For the
secondary DNS server, it's the same with index=2 appended:
interface ip set dns "Ethernet0" static 8.8.4.4 index=2

There's no way I'm going to even try to explain how to do this by
editing the registry directly. I've screwed up too many machines
(including my own). You have been warned.

Don't forget to flush the DNS cache before testing or you will likely
get lookups from previous config changes:
ipconfig /flushdns

Good luck.
--
Jeff Liebermann ***@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558
CALAMITYJANE
2022-09-11 00:52:39 UTC
Permalink
Post by Jeff Liebermann
On Mon, 8 Aug 2022 02:22:42 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
I do know that the DNS lookups are often exceeding ly slow on
my machine. SUPPOSEDLY you can make your own DNS file under hosts, but
I could never get windows 7 (last OS I tried) to use the host file for
lookups.
Perhaps benchmarking your DNS lookups might be useful. I use this
<https://www.grc.com/dns/benchmark.htm>
Post by CALAMITYJANE
SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
C:\Windows\System32\Drivers\etc\hosts
The etc directory is hidden.
<https://www.liquidweb.com/kb/dns-hosts-file/>
"Firefox now uses DNS over HTTPS (or DOH) by default. That means
instead of checking your local hosts file or even your DNS resolver.
Firefox simply makes the DNS request over HTTPS from within the
browser."
Note that editing the hosts file will NOT change the name(s) of the
DNS server(s) used by your machine. It will only change the name to
IP address mapping. The actual names of the DNS servers are buried in
the registry or set by DHCP. If you want to use a different specific
Settings -> Network & Internet -> Change Adapter Settings.
Select use the following DNS server address, fill in the blanks and
remember save before exiting (my favorite screwup).
netsh
interface ip show config
interface ip set dns "Ethernet0" static 8.8.8.8
Replace the 8.8.8.8 above with your desired DNS server. For the
interface ip set dns "Ethernet0" static 8.8.4.4 index=2
There's no way I'm going to even try to explain how to do this by
editing the registry directly. I've screwed up too many machines
(including my own). You have been warned.
Don't forget to flush the DNS cache before testing or you will likely
ipconfig /flushdns
Good luck.
Thanks for that additional info. Did not know that about ffox.
Supposedly you can add DNS entry in FFox, but must use a special syntax
because last time I tried would not work. I image my OS so if the
registry fucks up bad, I just restore the image, no problem. Also I
notice something really weird, maybe you know why? I can only ping
certain specific DNS IP addresses from cmd. Others won't work. In some
cases I have to use the domain name to ping, which indicates to me that
they are routing ping through their ISP's OWN dns. For example under win
8.1 if I ping one say, google's IP I get nothing, but if I ping
google.com I get normal ping. They do not recognize the IP. On DNS Ip's
some work no problem others will just stall. Maybe it's my 3rd party
firewall causing this, I have to check it.
Jeff Liebermann
2022-09-11 06:30:11 UTC
Permalink
On Sun, 11 Sep 2022 00:52:39 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Post by Jeff Liebermann
On Mon, 8 Aug 2022 02:22:42 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
I do know that the DNS lookups are often exceeding ly slow on
my machine. SUPPOSEDLY you can make your own DNS file under hosts, but
I could never get windows 7 (last OS I tried) to use the host file for
lookups.
Perhaps benchmarking your DNS lookups might be useful. I use this
<https://www.grc.com/dns/benchmark.htm>
Post by CALAMITYJANE
SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
C:\Windows\System32\Drivers\etc\hosts
The etc directory is hidden.
<https://www.liquidweb.com/kb/dns-hosts-file/>
"Firefox now uses DNS over HTTPS (or DOH) by default. That means
instead of checking your local hosts file or even your DNS resolver.
Firefox simply makes the DNS request over HTTPS from within the
browser."
Note that editing the hosts file will NOT change the name(s) of the
DNS server(s) used by your machine. It will only change the name to
IP address mapping. The actual names of the DNS servers are buried in
the registry or set by DHCP. If you want to use a different specific
Settings -> Network & Internet -> Change Adapter Settings.
Select use the following DNS server address, fill in the blanks and
remember save before exiting (my favorite screwup).
netsh
interface ip show config
interface ip set dns "Ethernet0" static 8.8.8.8
Replace the 8.8.8.8 above with your desired DNS server. For the
interface ip set dns "Ethernet0" static 8.8.4.4 index=2
There's no way I'm going to even try to explain how to do this by
editing the registry directly. I've screwed up too many machines
(including my own). You have been warned.
Don't forget to flush the DNS cache before testing or you will likely
ipconfig /flushdns
Good luck.
Thanks for that additional info. Did not know that about ffox.
Supposedly you can add DNS entry in FFox, but must use a special syntax
because last time I tried would not work.
There's no special syntax. DNS servers are simply the IP address of
the server or the IP address of the various backup servers.

Hamburger -> Settings -> General -> Network (bottom of page)
If you disable (uncheck) DNS over HTTPS, you can then mangle your web
browsers DNS settings whatever you find useful.
<https://support.mozilla.org/en-US/kb/firefox-dns-over-https>
Just remember that there is a hierarchy of DNS server and that
"default server" means "use this DNS server if no other DNS server is
specified. So, if you have your machine configured for:
Firefox DNS over HTTPS (Cloudflare)
Windows 8.8.8.8 (Google)
Router 75.75.75.75 (Comcast)
it is possible for different applications and devices to use
completely different DNS servers on your network. In the above
configuration, Firefox will always go to Cloudflare, no matter how you
have DNS configured on your Windoze OS or Router. However, if you
decided to use Chrome browser, and specified that it use the default
DNS server, it would use whatever is configured in Windoze (including
the Hosts file). If you have everything configured to use the "system
default", then DNS will use whatever the router says (usually the
ISP's DNS server). Things can also get confusing if I throw in a
local DNS server, proxy server, VPN, DNS redirector or load balancer.
If you find the DNS lookups are going a wide variety of DNS servers,
you might want to reset all the DNS settings to default and start
over. Don't forget to flush the DNS cache or your will continue to
have lookup failures even after you reset to default.
Post by CALAMITYJANE
I image my OS so if the
registry fucks up bad, I just restore the image, no problem.
That's a good idea if you're sure that your registry entries are
correct. (Assumption if the mother of all screwups). I save multiple
registry backups as I blunder forward. Unfortunately, I don't recall
the name of the program I was using.
Post by CALAMITYJANE
Also I
notice something really weird, maybe you know why? I can only ping
certain specific DNS IP addresses from cmd. Others won't work. In some
cases I have to use the domain name to ping, which indicates to me that
they are routing ping through their ISP's OWN dns. For example under win
8.1 if I ping one say, google's IP I get nothing, but if I ping
google.com I get normal ping. They do not recognize the IP. On DNS Ip's
some work no problem others will just stall. Maybe it's my 3rd party
firewall causing this, I have to check it.
I don't know what's causing that. Let's just take the Google problem,
where pinging google.com works, but fails using the google IP address.
I'll try it here (on Windoze 10):
C:\Users\jeffl>ping google.com -4
Pinging google.com [142.250.191.46] with 32 bytes of data:
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=10ms TTL=57
Reply from 142.250.191.46: bytes=32 time=8ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Ping statistics for 142.250.191.46:

C:\Users\jeffl>ping 142.250.191.46 -4
Pinging 142.250.191.46 with 32 bytes of data:
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=10ms TTL=57
Ping statistics for 142.250.191.46:

Looks like it works. Incidentally I use IPv6 by default, so I had to
force IPv4 to make ping look reasonable.

Next, try traceroute (tracert):

C:\Users\jeffl>tracert 142.250.191.46
Tracing route to nuq04s42-in-f14.1e100.net [142.250.191.46]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms router.asus.com [192.168.11.1]
2 8 ms 8 ms 8 ms 96.120.89.1
3 8 ms 8 ms 9 ms
po-301-1203-rur01.scotts.ca.sfba.comcast.net [96.110.102.129]
4 8 ms 7 ms 8 ms
be-221-rar01.santaclara.ca.sfba.comcast.net [69.139.199.205]
5 8 ms 8 ms 9 ms 96.108.99.153
6 10 ms 12 ms 10 ms
be-299-ar01.santaclara.ca.sfba.comcast.net [68.86.143.93]
7 12 ms 9 ms 10 ms 96.112.146.26
8 12 ms 10 ms 10 ms 142.251.70.49
9 10 ms 9 ms 10 ms 142.251.65.129
10 9 ms 8 ms 9 ms nuq04s42-in-f14.1e100.net
[142.250.191.46]
Trace complete.

I suspect that if you tried that on your system, the traceroute by IP
will show a completely different route than the router by FQDN (fully
qualified domain name), which suggests a DNS lookup for Google.com is
returning the wrong IP address. Try nslookup or dig:
"How to test DNS with dig and nslookup"
<https://www.a2hosting.com/kb/getting-started-guide/internet-and-networking/troubleshooting-dns-with-dig-and-nslookup>

You might also try a sanity check on where your packets are going and
which gateways are being used. Try:
route -print -4
--
Jeff Liebermann ***@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558
Jeff Liebermann
2022-09-11 06:49:03 UTC
Permalink
Post by Jeff Liebermann
I save multiple
registry backups as I blunder forward. Unfortunately, I don't recall
the name of the program I was using.
I found it: RegBak 1.5
<http://www.acelogix.com/download/#downrb>
--
Jeff Liebermann ***@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558
CALAMITYJANE
2022-09-24 05:39:36 UTC
Permalink
Post by Jeff Liebermann
On Sun, 11 Sep 2022 00:52:39 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
Post by Jeff Liebermann
On Mon, 8 Aug 2022 02:22:42 -0000 (UTC), CALAMITYJANE
Post by CALAMITYJANE
I do know that the DNS lookups are often exceeding ly slow on
my machine. SUPPOSEDLY you can make your own DNS file under hosts,
but I could never get windows 7 (last OS I tried) to use the host
file for lookups.
Perhaps benchmarking your DNS lookups might be useful. I use this
<https://www.grc.com/dns/benchmark.htm>
Post by CALAMITYJANE
SUPPOSEDLY you can make your own DNS file under hosts, but I
could never get windows 7 (last OS I tried) to use the host file for
lookups.
C:\Windows\System32\Drivers\etc\hosts
The etc directory is hidden.
<https://www.liquidweb.com/kb/dns-hosts-file/>
"Firefox now uses DNS over HTTPS (or DOH) by default. That means
instead of checking your local hosts file or even your DNS resolver.
Firefox simply makes the DNS request over HTTPS from within the
browser."
Note that editing the hosts file will NOT change the name(s) of the
DNS server(s) used by your machine. It will only change the name to
IP address mapping. The actual names of the DNS servers are buried
in the registry or set by DHCP. If you want to use a different
specific DNS server, then either use the user friendly network
Settings -> Network & Internet -> Change Adapter Settings.
Select use the following DNS server address, fill in the blanks and
remember save before exiting (my favorite screwup).
netsh
interface ip show config
interface ip set dns "Ethernet0" static 8.8.8.8
Replace the 8.8.8.8 above with your desired DNS server. For the
interface ip set dns "Ethernet0" static 8.8.4.4 index=2
There's no way I'm going to even try to explain how to do this by
editing the registry directly. I've screwed up too many machines
(including my own). You have been warned.
Don't forget to flush the DNS cache before testing or you will
ipconfig /flushdns
Good luck.
Thanks for that additional info. Did not know that about ffox.
Supposedly you can add DNS entry in FFox, but must use a special
syntax because last time I tried would not work.
There's no special syntax. DNS servers are simply the IP address of
the server or the IP address of the various backup servers.
Hamburger -> Settings -> General -> Network (bottom of page)
If you disable (uncheck) DNS over HTTPS, you can then mangle your web
browsers DNS settings whatever you find useful.
<https://support.mozilla.org/en-US/kb/firefox-dns-over-https>
Just remember that there is a hierarchy of DNS server and that
"default server" means "use this DNS server if no other DNS server is
Firefox DNS over HTTPS (Cloudflare)
Windows 8.8.8.8 (Google)
Router 75.75.75.75 (Comcast)
it is possible for different applications and devices to use
completely different DNS servers on your network. In the above
configuration, Firefox will always go to Cloudflare, no matter how you
have DNS configured on your Windoze OS or Router. However, if you
decided to use Chrome browser, and specified that it use the default
DNS server, it would use whatever is configured in Windoze (including
the Hosts file). If you have everything configured to use the "system
default", then DNS will use whatever the router says (usually the
ISP's DNS server). Things can also get confusing if I throw in a
local DNS server, proxy server, VPN, DNS redirector or load balancer.
If you find the DNS lookups are going a wide variety of DNS servers,
you might want to reset all the DNS settings to default and start
over. Don't forget to flush the DNS cache or your will continue to
have lookup failures even after you reset to default.
Post by CALAMITYJANE
I image my OS so if the
registry fucks up bad, I just restore the image, no problem.
That's a good idea if you're sure that your registry entries are
correct. (Assumption if the mother of all screwups). I save multiple
registry backups as I blunder forward. Unfortunately, I don't recall
the name of the program I was using.
Post by CALAMITYJANE
Also I
notice something really weird, maybe you know why? I can only ping
certain specific DNS IP addresses from cmd. Others won't work. In some
cases I have to use the domain name to ping, which indicates to me
that they are routing ping through their ISP's OWN dns. For example
under win 8.1 if I ping one say, google's IP I get nothing, but if I
ping google.com I get normal ping. They do not recognize the IP. On
DNS Ip's some work no problem others will just stall. Maybe it's my
3rd party firewall causing this, I have to check it.
I don't know what's causing that. Let's just take the Google problem,
where pinging google.com works, but fails using the google IP address.
C:\Users\jeffl>ping google.com -4
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=10ms TTL=57
Reply from 142.250.191.46: bytes=32 time=8ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
C:\Users\jeffl>ping 142.250.191.46 -4
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=9ms TTL=57
Reply from 142.250.191.46: bytes=32 time=10ms TTL=57
Looks like it works. Incidentally I use IPv6 by default, so I had to
force IPv4 to make ping look reasonable.
C:\Users\jeffl>tracert 142.250.191.46
Tracing route to nuq04s42-in-f14.1e100.net [142.250.191.46]
1 <1 ms <1 ms <1 ms router.asus.com [192.168.11.1]
2 8 ms 8 ms 8 ms 96.120.89.1
3 8 ms 8 ms 9 ms
po-301-1203-rur01.scotts.ca.sfba.comcast.net [96.110.102.129]
4 8 ms 7 ms 8 ms
be-221-rar01.santaclara.ca.sfba.comcast.net [69.139.199.205]
5 8 ms 8 ms 9 ms 96.108.99.153
6 10 ms 12 ms 10 ms
be-299-ar01.santaclara.ca.sfba.comcast.net [68.86.143.93]
7 12 ms 9 ms 10 ms 96.112.146.26
8 12 ms 10 ms 10 ms 142.251.70.49
9 10 ms 9 ms 10 ms 142.251.65.129
10 9 ms 8 ms 9 ms nuq04s42-in-f14.1e100.net
[142.250.191.46]
Trace complete.
I suspect that if you tried that on your system, the traceroute by IP
will show a completely different route than the router by FQDN (fully
qualified domain name), which suggests a DNS lookup for Google.com is
"How to test DNS with dig and nslookup"
<https://www.a2hosting.com/kb/getting-started-guide/internet-and-networ
king/troubleshooting-dns-with-dig-and-nslookup>
You might also try a sanity check on where your packets are going and
route -print -4
Ok thanks. I should mention the reason I am asking about this is that I
often get failed messages from my browser "cannot find address" or other
similar dns failure messages. When I change the DNS I can get the site.
From memory it seems to happen whether I change at the browser or under
win adapter settings.

Also the example you gave of pinging google vs google's IP is NOT what I
get. I get freeze/nothing when I ping the IP and normal ping when I ping
google. But this does not happen across all DNS IPs. Some will proceed
with the ping normally and others just stall. I also often get: your
access to the network is blocked. But when I change DNS or use a VPN, I
get through. I have done a housecall virus check and all my av checks
come up negative. That is why I am suspcious of an undiscovered R.A.T. or
similar or hacking by my ISP or others sharing the router.

I will try the other shell commands you mention maybe they will shed some
light. I frequently have to change my DNS at the OS level or use a VPN to
access sites. My FW disallows most all connections except for port 80 and
443. I tried blocking p 53 with no effect.

Loading...