After installation, your DNS will change. Here's why!
After you install the Cisco Umbrella roaming client you'll notice that the IP address gets changed to localhost or 127.0.0.1, otherwise known as the loopback interface. This is normal and expected behavior.
The Umbrella roaming client runs as a local service which is used as a local resolver and DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol. Requests are then forwarded to Umbrella’s anycast IPs, with the replies returned to the host through the loopback interface. This essentially makes the Umbrella roaming client a DNS Proxy, which is why you see the DNS change to localhost/127.0.0.1. The DNSCrypt protocol makes all of your transactions secure.
How to resolve internal hosts when using the Umbrella Roaming Client
You can still resolve internal hosts by adding these domains in the dashboard. (Deployments > Configuration > Domain Management
- Navigate to Deployments > Configuration > Domain Management.
- Click the (Add) icon.
When a domain is added to this list, the Umbrella roaming client sends these domains to the internal DNS server set by DHCP settings or internal DNS servers statically set prior to starting the roaming client service. For more information on this, please see the following page on adding Internal Domains to the Roaming list.
A more detailed technical discussion of internal DNS allow listing can be found here: https://support.umbrella.com/hc/en-us/articles/230905228-Umbrella-Roaming-Client-Deployment-Guide-Internal-Domains
What happens when I change DNS away from Localhost?
The roaming client will notice that the DNS servers have changed note down the internal DNS server that has been set. It will use these new DNS servers for internal DNS resolution and set DNS back to localhost to resume normal operation of the service.