Redirecting DoT requests on local network to Firewalla?

Follow

Sven Moderow

• November 02, 2023 09:03

Hi,

is it possible to redirect DoT requests on local network to Firewalla? My use case:

1. DoT (Control D) is configured on mobile devices so they are securly accessing internet (at least browsing) when on mobile connection.

2. When the devices connect to MY local network, they should use Firewalla DNS resolver instead of Control D. Only to have a single point of failure locally and mobile.

3. Blocking DoT host is no option as this requires me to disable "Private DNS" each time on local connection.

4. There is no automation in Android (at least without rooting or using other apps) to change state of "Private DNS". And those other tools did not work dependable.

 

My questions are:

1. Can Firewalla answer DoT requests at all?

2. If so, can I make a custom DNS entry to point to Firewalla IP and it works? Must be a short TTL then because it should work immediately after switching to mobile network.

3. If not, is there any other way to redirect those DoT requests locally?

 

Any help would be appreciated!

0

• 

  DB

  • December 02, 2023 07:12

  1. The way DoT works with Firewalla is Firewalla simply passes the data through as DoT is forwarding it to their DoT servers.

  2. Short TTL only means a packet has a short life, not that it will connect faster.

  3. I don't think so.

  What happens when you turn off DoT and then switch to local network?

  0

  Comment actions Permalink
• 

  Sven Moderow

  • December 02, 2023 07:36

  1. Could surely be done in Router Mode as a new feature.

  2. It is not about faster than connection but faster recognition that there is a new target. As Control D has 10 second TTL the transitioning to locals network should be done fast but it should also done fast the other way.

  0

  Comment actions Permalink

Please sign in to leave a comment.