A VPN is only as much of a security improvement as the service behind it. If it gets installed in a shady way, how much trust can you put into the service?
A VPN is only as much of a security improvement as the service behind it. If it gets installed in a shady way, how much trust can you put into the service?
Not that unusual depending on the software. A lot of them honour the TTL literally.
One enterprise software I know that does it is VMware vcenter. I’m sure there’s plenty of consumer software that retries excessively.
As per the link you would have to set up the Canary domain. On pihole you can add custom domain names and that should be enough.
Reading the documentation again you should even just be able to blacklist the domain and it’ll make Firefox use local DNS in the network.
Please check https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
It might be that Firefox on Android is defaulting to only DNS over HTTPS for you
There’s a “hub” mode where your endpoint inside the network grants access to the whole network like a standard VPN server.