# unbound blocked by ISP?

## grant123

unbound won't work in the last couple of hotels I've stayed in.  Is this likely due to the ISP blocking port 53?  Is there anything I can do about this or am I stuck with their DNS?

----------

## eccerr0r

I was wondering what unbound is; it's net-dns/unbound, a DNS server.

However, DNS can't really be blocking port 53 for outgoing, it'd break everything as everything relies on DNS.  Incoming however, even a simple NAT will block it.

I don't see why you can't run your own caching DNS server though since there shouldn't be incoming DNS.  Are you sure your config still works?  Why are you using a caching DNS server for a single machine?

----------

## grant123

 *Quote:*   

> However, DNS can't really be blocking port 53 for outgoing, it'd break everything as everything relies on DNS.

 

Good point, but maybe the ISP is blocking outgoing DNS to all except their own DNS servers?  Is that done sometimes?  I'm at a residence now and unbound works without any change in config.

 *Quote:*   

> Are you sure your config still works?

 

It actually should (and used to) work without any configuration.  I checked unbound.conf but I don't see anything that could help.

 *Quote:*   

> Why are you using a caching DNS server for a single machine?

 

Please correct me if I'm wrong, but doesn't caching reduce the number of outgoing DNS requests from the single machine?

----------

## eccerr0r

Yes, it's also possible that ISPs block all requests to DNS servers outside their network, possibly because it's needed to make captive portals work.

I thought single machines with a modern OS will cache DNS entries at least for a short while.  Depending on the TTL given by the DNS server, it will drop DNS lookups, but a caching server should also drop them too.  I just sniffed my ether and it looks like this is the case: my Linux box appears to self-cache some lookups, and multiple lookups in succession don't appear to send out another DNS request unless the TTL for the entry is really short (like google...).

----------

## grant123

 *Quote:*   

> Why are you using a caching DNS server for a single machine?

 

Is there a better (non-caching) choice for a single machine?

----------
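An added example, not part of any post in this thread: one way to test the hypothesis discussed above, that a network only lets port 53 traffic through to its own resolver, which would stop a recursive resolver such as unbound from reaching servers outside. The function names are hypothetical; the resolver address comes from the command line, and 198.41.0.4 (a.root-servers.net) is the default outside server.

```python
import socket
import struct
import sys

def build_query(name, txid):
    """Encode a recursive A-record query in DNS wire format."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD bit, 1 question
    labels = [p for p in name.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(msg):
    """Return (txid, is_response, rcode, answer_count) from a DNS message."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    return txid, bool(flags & 0x8000), flags & 0x000F, ancount

def probe(server, name="example.com", timeout=3.0, txid=0x1234):
    """Send one UDP query to server:53; return 'answered', 'timeout' or 'error'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            data, _ = s.recvfrom(4096)
            rid, is_resp, _rcode, _an = parse_header(data)
            return "answered" if is_resp and rid == txid else "error"
        except socket.timeout:
            return "timeout"
        except (OSError, ValueError):
            return "error"

def classify(local_result, outside_results):
    """Compare the network's own resolver with servers outside it."""
    ok = [r == "answered" for r in outside_results]
    if ok and all(ok):
        # A network that rewrites port 53 traffic to its own resolver also lands here.
        return "outside servers answer on port 53 (or queries are redirected)"
    if any(ok):
        return "mixed: only some outside servers are reachable on port 53"
    if local_result == "answered":
        return "outbound port 53 is filtered except to the network's resolver"
    return "no DNS replies at all: check connectivity or captive portal login"

if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py <network's resolver> [outside servers...]")
    outside = sys.argv[2:] or ["198.41.0.4"]  # a.root-servers.net
    print(classify(probe(sys.argv[1]), [probe(s) for s in outside]))
```

Run it with the nameserver listed in /etc/resolv.conf as the first argument, once on the hotel network and once on a network where unbound works, and compare the two verdicts.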

