The servers that are run by the ISPs, which is what is used by the vast majority of end users in practice (usually indirectly via their router, as you've mentioned).
That's where we get back to my original point - the goal of these measures is not to ensure that there are no loopholes, but rather to make it difficult enough that the vast majority won't be able to / won't bother to use them.