Specific DNS bypassing firewall???

  • Alright so basically I'm not allowed to even see the firewall at school (i don't even know how to log in tbh, it's cisco). from what i'm told, ports *checks notes* 80, 443, and 1194 are the only ports that outgoing traffic is allowed to. in other words, dns is/should be completely blocked. but when i set my DNS servers to cloudflare or google or quad9 (one of the well known ones for example), it's allowed. but whenever i use my own DNS servers, the firewall rejects it (as it should)

    does anyone have any idea why these dns servers bypass the rules? i have no idea what the rules are but my firewall at home blocks ALL dns (besides nxfilter). specifically asking because apparently i'm told that netspective can be bypassed by using your own DNS servers and blocking webfilter.myschoonamegoeshere.net from resolving. i tried this and it actually does work. it unblocks everything when a chromebook can't connect to netspective. this is at home where i made that happen, but how does it happen at school then??? if only known DNS providers are allowed then how is it being bypassed? or how would i make my own DNS servers not be blocked? is there something i'm missing? whenever i go to 1.1.1.1/help (i can access this no matter what DNS because it's an IP) it says DNS over HTTPS no and DNS over TLS no. plus DNS over HTTPS is force disabled on chromebooks provisioned by us. also, i know it's not an opendns rule. i set my DNS to opendns and it resolves. if it was set to opendns, it's IP based meaning no one with opendns would be able to connect (which is not the case)

    any ideas how i can either: make my DNS follow the rules of the major DNS providers or how the major ones are bypassing port 53 being blocked? i'll try and see if i can somehow get the exact rules that are set up on the firewall

    by the way I was using DNS servers from my linode server which is running pi hole

    no idea if this thread made sense but the problem doesn't make sense either

  • Have you considered that the mentioned DNS servers may be explicitly whitelisted in the school firewall because they are reputable? You should try some more obscure public DNS servers to see where they drew the line.

    Also, if you want to know exactly which ports are open, just write a quick script that pings http://portquiz.net on every port and run it while on school Wi-Fi.
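
Added example, not code from either poster: a small egress-audit probe a firewall administrator could run to see which resolvers the rules actually let through on UDP/53, which is the allowlist question the answer raises. The three public resolver addresses are the providers named in the thread; the control address `192.0.2.53` is a constructed RFC 5737 documentation address that hosts no resolver, so a reply from it would mean something on the path is answering port 53 itself.

```python
import socket
import struct

# Public resolvers named in the thread, plus a TEST-NET-1 control address
# (constructed for this example) where no DNS server exists.
RESOLVERS = {"cloudflare": "1.1.1.1", "google": "8.8.8.8",
             "quad9": "9.9.9.9", "control (no resolver)": "192.0.2.53"}

def build_query(name, txid):
    """Encode a minimal DNS query for an A record with the RD flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid):
    """Return (rcode, answer_count), or None if data is not a reply to txid."""
    if len(data) < 12:
        return None
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:   # wrong ID, or QR bit clear (a query)
        return None
    return flags & 0x000F, ancount

def probe(server, name="example.com", txid=0x1234, timeout=2.0):
    """Send one UDP/53 query; return 'answered', 'refused/error' or 'no reply'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            data, _ = s.recvfrom(512)
        except OSError:                      # timeout, ICMP unreachable, no route
            return "no reply"
    parsed = parse_reply(data, txid)
    if parsed is None:
        return "no reply"
    rcode, ancount = parsed
    return "answered" if rcode == 0 and ancount > 0 else "refused/error"

if __name__ == "__main__":
    for label, ip in RESOLVERS.items():
        print(f"{label:24} {ip:12} {probe(ip)}")
```

If the named resolvers report "answered" while the control reports "no reply", the rule set permits port 53 to specific destination addresses rather than blocking it outright.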

  • wild1145 November 2, 2022 at 6:32 PM

    Selected a post as the best answer.