by CamJN 1594 days ago
Well, all dns except that over ipv6, DOH, DOT, software using a separate resolver hard-coded to a specific ip... The amount of work to force dns to your dns server these days is nuts.

I use a pi-hole and these days I have to:

- block dns advertisement of my ISP's dns server for ipv6 (which, there's no UI for that on my router so I have to edit the config by hand)
- maintain a list of dns over https ips and block them in my firewall (since mitming this traffic is a huge pain)
- force all traffic to port 853 to my pi and set up a masquerade for that traffic so the client doesn't know
- force all traffic to port 53 to my pi and set up a masquerade for that traffic so the client doesn't know
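
An nftables ruleset for the port 53 and port 853 redirects with masquerade and the DoH IP block listed in the comment above, added here as an example and not CamJN's own configuration. The interface name `br-lan`, the Pi-hole address `192.168.1.2` and the single DoH set entry are assumptions, and the ruleset covers IPv4 only.

```nftables
# Added example. Assumed values: LAN bridge name, Pi-hole address, DoH set entry.
define lan_if  = "br-lan"
define pihole4 = 192.168.1.2

table ip dnsforce {
    set doh4 {
        type ipv4_addr
        flags interval
        # Placeholder from TEST-NET-3; replace with the DoH resolver IPs you maintain.
        elements = { 203.0.113.10 }
    }

    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Let the Pi-hole's own upstream queries through untouched.
        iifname $lan_if ip saddr $pihole4 accept
        # Plain DNS to any server is rewritten to the Pi-hole.
        iifname $lan_if udp dport 53 dnat to $pihole4
        iifname $lan_if tcp dport 53 dnat to $pihole4
        # DNS over TLS; assumes something on the Pi listens on 853.
        iifname $lan_if tcp dport 853 dnat to $pihole4
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Masquerade the redirected flows so replies return through the router
        # and the client sees the answer coming from the server it addressed.
        oifname $lan_if ip daddr $pihole4 udp dport 53 masquerade
        oifname $lan_if ip daddr $pihole4 tcp dport { 53, 853 } masquerade
    }

    chain forward {
        type filter hook forward priority filter; policy accept;
        # DoH cannot be redirected without breaking TLS, so block known resolvers.
        iifname $lan_if ip daddr @doh4 tcp dport 443 reject with tcp reset
        iifname $lan_if ip daddr @doh4 udp dport 443 drop
    }
}
```

Because of the masquerade, the Pi-hole logs every redirected query as coming from the router's address rather than from the original client.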