Bypassing "NO DNS" on Comcast, Charter, Spectrum, Time Warrner & RoadRunnere
Symptom: If you name a DNS server that IS NOT a Comcast, Charter, Spectrum, Time Warner or Road Runner DNS server, you won't have any DNS service (generically speaking) on those ISP's at all, and you might spend a lot of time troubleshooting the problem.
The DNS servers I've found that work on those ISP's are: 71.10.216.1, 71.10.216.2, 50.229.52.23 and 50.229.170.233.
ALLEGEDLY this DNS blocking is done for "Security Reasons".
To circumvent the problem, I've found you can simply install the pacman package dns-over-https. It seems to work.
I added the below lines to the /etc/pacman.conf file (below the [Galaxy] section ), though I'm not sure it was completely necessary.
[extra]
Include = /etc/pacman.d/mirrorlist
I also added an updated list of pacman servers TO THE BOTTOM of /etc/pacman.d/mirrorlist, which may have helped.
Acquire that list at: https://archlinux.org/mirrorlist/
(I'm such a newbie, right?)
Beyond that, it's pretty much just a one-liner:
pacman --sync dns-over-https
I have the S6 version and went nuts trying to figure out hard to start the service but you really don't have to: Network Manager seems to do that for you. If you DO NOT have the S6 version of Artix Linux, you may have to:
/usr/bin/sysctl enable doh-client.service
This seems to be done automatically by /etc/NetworkManager/dispatcher.d/doh-client
I dunno. Again, I'm such a newbie.
Anyway, once you've installed this (as above), just use Network Manager to set the DNS to 1.1.1.1 (Cloud Flare DOH), disable and re-enable the network connections (again with Network Manager -- or reboot)...and it works.
I haven't found that it helps to modify /etc/dns-over-https/doh-client.conf. That's going to get modified by Network Manager and likely wipe out what you've done anyway. It's kind of like modifying /etc/resolv.conf: there's not much point.
You could verify this install is working with netstat -cwatupWU or (this will take forever) ss -bar0 -A 'inet'.
If you don't see any Comcast, Charter, Spectrum, Time Warner or Road Runner IP's (assuming you're not otherwise connected to them...then IT WORKED!
Likely, you'll see one.one.one.one:domain ESTABLISHED or udp ESTAB one.one.one.one:domain.
That's Cloud Flare. That means that it worked. Wooo-hooo.
The implication is that you CAN bypass DNS restrictions FOR ANY BROWSER or ANYTHING else net-bound, without having to utilize a specific browser and modify it for DOH.
So easy.
Hope this help in troubleshooting and bypassing POTENTIAL censorship.
I haven't had any problems to date with Cloud Flare and censorship. Maybe, in the future, there will be other DOH servers. There is also the possibility of establishing YOUR OWN DOH server, though I haven't attempted that nor do I feel I have the need to do that.
Here's a link which might prove didactic
archlinux.org/packages/?name=dns-over-https
Thank you, Artix Linux for the distro!!!
Here's some other links for distros, other than Artix Linux, as you might have, including Windows (althogh Microsoft Edge and Vivaldi browsers have their own censorship issues this isn't going to solve).
github.com/m13253/dns-over-https
pkg.cloudflareclient.com
Good Luck!
Topic: Bypassing "NO DNS" on Comcast, Charter, Spectrum, Time Warrner & RoadRunnere (Read 289 times)
previous topic - next topic
