How do I verify I am using 9.9.9.9 for DNS?
You can use tcpdump
to see where the DNS traffic goes:
# tcpdump -i eth0 -n udp port 53 or tcp port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:09:02.961122 IP 192.168.115.15.49623 > 192.168.115.5.53: 6115+ A? www.heise.de. (30)
16:09:02.983664 IP 192.168.115.5.53 > 192.168.115.15.49623: 6115 1/13/14 A 193.99.144.85 (493)
I'm not getting a direct method to check which DNS address your router is using. So, I'm suggesting alternate method using dig
.
Try digging different domains like
dig facebook.com
dig msn.com
dig google.com
DNS use extensive caching. So after first time a domain is quarried your router will catch the result and deliver it without asking 9.9.9.9
. But if the router is quarried with new domain each time it must ask 9.9.9.9
So,chose at least 10 different domains. And from the reply of dig
you can find the responding DNS server. If it's 9.9.9.9
then your router must be using that.
After the Answer Section
of the response from dig
you shall see like this
;; Query time: 522 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Sat Nov 25 20:12:59 IST 2017
;; MSG SIZE rcvd: 54
NOTE Don't try very unknown domain. In that case the answer must be fetched from the authoritative nameserver. Or some server between quad9 and authoritative may response. So, use familiar domains which are expected to be pre-cached by 9.9.9.9
. And don't rely the result from a single domain. Try with multiple domains.