I have found that if I attempt to access a web-based service internal to my home network then Chrome will fail to properly resolve the URL. An example would be if I were to try to browse to my Plex server using its FQDN, plex.mydomain.com. This is only if the “Secure DNS” setting is enabled. It appears to be directing my web requests to a DNS server outside my network. Rather than taking me to my Plex server web frontend, I’ll actually be redirected to a page on my pfSense router with an error warning me of a potential DNS Rebinding attack.
I run my own internal DNS server. It’s a simple Windows 2012 R2 server. Everything on my internal network is pointed to this server, which is configured to forward requests to Google’s DNS server for records that it doesn’t know about.
I like the idea of using Secure DNS (or DNS over HTTPS). But I can’t seem to use it for the above reason. I’m wondering though, if I were to configure my internal DNS server to support DNSSEC then that might fix the problem. I’m thinking I’d also need to adjust my Chrome settings to use my internal DNS server for its Secure DNS service. Does that all sound correct?
Has anyone else observed this problem?