X
Tap here to go to the mobile version of the site.

Support Forum

DNS over HTTPs stopped working

Posted

Today Nov-26--2019 all my DNs over HTTPs devices which include linux , Mac OS and Android stopped working over DOH. the cloudflare settings are as follows.

https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9

The traceroute shows access to the 1.1.1.1 network 3 3.52.251.198.in-addr.arpa (198.251.52.3) 20.584 ms 81.945 ms 56.215 ms

4  198.251.49.89 (198.251.49.89)  21.406 ms  21.144 ms  22.069 ms
5  198.251.51.56 (198.251.51.56)  22.771 ms  22.709 ms  21.188 ms
6  198.251.50.16 (198.251.50.16)  22.807 ms  78.695 ms  96.269 ms
7  cloudflare.ip4.torontointernetxchange.net (206.108.34.208)  106.362 ms  93.731 ms  95.215 ms
8  one.one.one.one (1.1.1.1)  164.851 ms *  88.710 ms

My Firefox setting has DNS over hTTPS enabled no extensions and configured for cloudflare and my about:config settings network.trr.bootstrapAddress;1.1.1.1 network.trr.mode;3 network.trr.resolvers;[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" }]

Network mode 3 means DOH should only resolve using DOH but I can still get to other sites instead of a message say "hmm where having trouble finding that site"

Does anyone have an idea as to what causes this issue?

Today Nov-26--2019 all my DNs over HTTPs devices which include linux , Mac OS and Android stopped working over DOH. the cloudflare settings are as follows. https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9 The traceroute shows access to the 1.1.1.1 network 3 3.52.251.198.in-addr.arpa (198.251.52.3) 20.584 ms 81.945 ms 56.215 ms 4 198.251.49.89 (198.251.49.89) 21.406 ms 21.144 ms 22.069 ms 5 198.251.51.56 (198.251.51.56) 22.771 ms 22.709 ms 21.188 ms 6 198.251.50.16 (198.251.50.16) 22.807 ms 78.695 ms 96.269 ms 7 cloudflare.ip4.torontointernetxchange.net (206.108.34.208) 106.362 ms 93.731 ms 95.215 ms 8 one.one.one.one (1.1.1.1) 164.851 ms * 88.710 ms My Firefox setting has DNS over hTTPS enabled no extensions and configured for cloudflare and my about:config settings network.trr.bootstrapAddress;1.1.1.1 network.trr.mode;3 network.trr.resolvers;[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" }] Network mode 3 means DOH should only resolve using DOH but I can still get to other sites instead of a message say "hmm where having trouble finding that site" Does anyone have an idea as to what causes this issue?
Attached screenshots
Quote

Additional System Details

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:70.0) Gecko/20100101 Firefox/70.0

More Information

RobertJ
  • Top 10 Contributor
115 solutions 1240 answers

Hi Mace2, I'm not certain if it's relevant but, Malwarebytes is now blocking https://1.1.1.1/help/

Hi Mace2, I'm not certain if it's relevant but, Malwarebytes is now blocking https://1.1.1.1/help/
Was this helpful to you?
Quote

Question owner

The problem appears to be with the data centre YYZ. But strangely about:networking#dns gives the result that TRR is true for all sites.

This suggests DOH is working.

The problem appears to be with the data centre YYZ. But strangely about:networking#dns gives the result that TRR is true for all sites. This suggests DOH is working.
Was this helpful to you?
Quote

Question owner

The problem seems to be confirmed by cloudflare support by another person going through YYZ cloudflare center.

https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9

The cloudflare IP I am going through for DOH is 108.162.240.42.

The problem seems to be confirmed by cloudflare support by another person going through YYZ cloudflare center. https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9 The cloudflare IP I am going through for DOH is 108.162.240.42.
Was this helpful to you?
Quote

Question owner

The issue affects only data centres YYZ (Toronto, Canada) and only prevents the 1.1.1.1/help from displaying connection to DOH. DOH still functions.

the current DOH from cloudflare that doesn't provide proper script value is 108.162.240.117

The issue affects only data centres YYZ (Toronto, Canada) and only prevents the 1.1.1.1/help from displaying connection to DOH. DOH still functions. the current DOH from cloudflare that doesn't provide proper script value is 108.162.240.117

Modified by Mace2

Was this helpful to you?
Quote
RobertJ
  • Top 10 Contributor
115 solutions 1240 answers

Just a thought. Do you have network.security.esni.enabled set to True?

If not, does it make a difference?

Just a thought. Do you have network.security.esni.enabled set to True? If not, does it make a difference?
Was this helpful to you?
Quote

Question owner

This is not a configuration problem as it effects more than one system and if I use a VPN it works.

https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiQU1TIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

Connected to 1.1.1.1 Yes Using DNS over HTTPS (DoH) Yes Using DNS over TLS (DoT) No Using DNS over WARP No AS Name Cloudflare AS Number 13335 Cloudflare Data Center AMS



Interestingly my ISP DNS DNS1:198.251.50.199 DNS2:198.251.50.200

Does not resolve certain sites.

This is not a configuration problem as it effects more than one system and if I use a VPN it works. https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiQU1TIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0= Connected to 1.1.1.1 Yes Using DNS over HTTPS (DoH) Yes Using DNS over TLS (DoT) No Using DNS over WARP No AS Name Cloudflare AS Number 13335 Cloudflare Data Center AMS Interestingly my ISP DNS DNS1:198.251.50.199 DNS2:198.251.50.200 Does not resolve certain sites.
Was this helpful to you?
Quote

Question owner

I have a ? result for secure DNS, result from Cloudfllare test site . I have also opened a question on cloudflare and no answer as of yet 4-dec-2019 has been provided. There appears to be manipulation of the cloudflare site for 1.1.1.1./help

[test site]


any ideas

I have a ? result for secure DNS, result from Cloudfllare test site . I have also opened a question on cloudflare and no answer as of yet 4-dec-2019 has been provided. There appears to be manipulation of the cloudflare site for 1.1.1.1./help [[https://www.cloudflare.com/ssl/encrypted-sni/|Cloudflare test site]] any ideas

Modified by Mace2

Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.