DNS settings - I have questions (sorry for the length and basic context).
I use Linux with openVPN that is configured with systemd and firewall UFW.
1. Does it matter whether one uses openDNS (e.g. 126.96.36.199, 188.8.131.52) or the VPN entry IP address? (I use the openDNS IPs because they seemed on occasion to be more reliable i.e. when VPN drops at least I still have DNS resolution)
2. Entry point IPs are listed herehttps://github.com/cryptostorm/cstorm_d ... olvers.csv
which gives a "Resolver Address" for example as: Vilnius, Lithuania 184.108.40.206
Are these forever fixed for the life of the list?
3. However, when one from the command-line does say:
$ nslookup linux-lithuania.cryptostorm.net
Should I always use the Resolver Address of 220.127.116.11?
4. Is there a way to get this Resolver Address of linux-lithuania.cryptostorm.net without the need to lookup the Resolver List. i.e. using some command line query like nslookup?
5. Should my firewall UFW in this example allow outbound access to both 18.104.22.168 and 22.214.171.124?
6. If I run nslookup on the IP addresses listed in
$ nslookup linux-balancer.cryptostorm.net
In my lithuania example this gives:
$ nslookup 126.96.36.199
188.8.131.52.in-addr.arpa name = hst-93-115-30-155.balticservers.eu.
Authoritative answers can be found from:
but in some cases one sees e.g.:
** server can't find 184.108.40.206.in-addr.arpa: NXDOMAIN
Does this mean the server is down. If so, how does balancer compensate? (e.g. Does it just move on to the next)
7. Should I be using DNScrypt? I assume it is a different setup to what I discussed above? (Haven't quite worked it out or found a good resource to explain its benefits or usage)