X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

DNS over HTTPs stopped working

Kuphostiwe

Today Nov-26--2019 all my DNs over HTTPs devices which include linux , Mac OS and Android stopped working over DOH. the cloudflare settings are as follows.

https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9

The traceroute shows access to the 1.1.1.1 network 3 3.52.251.198.in-addr.arpa (198.251.52.3) 20.584 ms 81.945 ms 56.215 ms

4  198.251.49.89 (198.251.49.89)  21.406 ms  21.144 ms  22.069 ms
5  198.251.51.56 (198.251.51.56)  22.771 ms  22.709 ms  21.188 ms
6  198.251.50.16 (198.251.50.16)  22.807 ms  78.695 ms  96.269 ms
7  cloudflare.ip4.torontointernetxchange.net (206.108.34.208)  106.362 ms  93.731 ms  95.215 ms
8  one.one.one.one (1.1.1.1)  164.851 ms *  88.710 ms

My Firefox setting has DNS over hTTPS enabled no extensions and configured for cloudflare and my about:config settings network.trr.bootstrapAddress;1.1.1.1 network.trr.mode;3 network.trr.resolvers;[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" }]

Network mode 3 means DOH should only resolve using DOH but I can still get to other sites instead of a message say "hmm where having trouble finding that site"

Does anyone have an idea as to what causes this issue?

Today Nov-26--2019 all my DNs over HTTPs devices which include linux , Mac OS and Android stopped working over DOH. the cloudflare settings are as follows. https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9 The traceroute shows access to the 1.1.1.1 network 3 3.52.251.198.in-addr.arpa (198.251.52.3) 20.584 ms 81.945 ms 56.215 ms 4 198.251.49.89 (198.251.49.89) 21.406 ms 21.144 ms 22.069 ms 5 198.251.51.56 (198.251.51.56) 22.771 ms 22.709 ms 21.188 ms 6 198.251.50.16 (198.251.50.16) 22.807 ms 78.695 ms 96.269 ms 7 cloudflare.ip4.torontointernetxchange.net (206.108.34.208) 106.362 ms 93.731 ms 95.215 ms 8 one.one.one.one (1.1.1.1) 164.851 ms * 88.710 ms My Firefox setting has DNS over hTTPS enabled no extensions and configured for cloudflare and my about:config settings network.trr.bootstrapAddress;1.1.1.1 network.trr.mode;3 network.trr.resolvers;[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" }] Network mode 3 means DOH should only resolve using DOH but I can still get to other sites instead of a message say "hmm where having trouble finding that site" Does anyone have an idea as to what causes this issue?
Ama-screenshot ananyekiwe
Isicaphuno

Eminye Imininingwane Yohlelo

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:70.0) Gecko/20100101 Firefox/70.0

Eminye Imininingwane

RobertJ
  • Top 10 Contributor
117 izisombululo 1257 izimpendulo
Kuphostiwe

Hi Mace2, I'm not certain if it's relevant but, Malwarebytes is now blocking https://1.1.1.1/help/

Hi Mace2, I'm not certain if it's relevant but, Malwarebytes is now blocking https://1.1.1.1/help/
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

The problem appears to be with the data centre YYZ. But strangely about:networking#dns gives the result that TRR is true for all sites.

This suggests DOH is working.

The problem appears to be with the data centre YYZ. But strangely about:networking#dns gives the result that TRR is true for all sites. This suggests DOH is working.
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

The problem seems to be confirmed by cloudflare support by another person going through YYZ cloudflare center.

https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9

The cloudflare IP I am going through for DOH is 108.162.240.42.

The problem seems to be confirmed by cloudflare support by another person going through YYZ cloudflare center. https://1.1.1.1/help#eyJpc0NmIjoiTm8iLCJpc0RvdCI6Ik5vIiwiaXNEb2giOiJObyIsInJlc29sdmVySXAtMS4xLjEuMSI6IlllcyIsInJlc29sdmVySXAtMS4wLjAuMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjExMTEiOiJObyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJObyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IllZWiIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9 The cloudflare IP I am going through for DOH is 108.162.240.42.
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

The issue affects only data centres YYZ (Toronto, Canada) and only prevents the 1.1.1.1/help from displaying connection to DOH. DOH still functions.

the current DOH from cloudflare that doesn't provide proper script value is 108.162.240.117

The issue affects only data centres YYZ (Toronto, Canada) and only prevents the 1.1.1.1/help from displaying connection to DOH. DOH still functions. the current DOH from cloudflare that doesn't provide proper script value is 108.162.240.117

Okulungisiwe ngu Mace2

Ingabe lokhu kube usizo kuwena?
Isicaphuno
RobertJ
  • Top 10 Contributor
117 izisombululo 1257 izimpendulo
Kuphostiwe

Just a thought. Do you have network.security.esni.enabled set to True?

If not, does it make a difference?

Just a thought. Do you have network.security.esni.enabled set to True? If not, does it make a difference?
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

This is not a configuration problem as it effects more than one system and if I use a VPN it works.

https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiQU1TIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

Connected to 1.1.1.1 Yes Using DNS over HTTPS (DoH) Yes Using DNS over TLS (DoT) No Using DNS over WARP No AS Name Cloudflare AS Number 13335 Cloudflare Data Center AMS



Interestingly my ISP DNS DNS1:198.251.50.199 DNS2:198.251.50.200

Does not resolve certain sites.

This is not a configuration problem as it effects more than one system and if I use a VPN it works. https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiQU1TIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0= Connected to 1.1.1.1 Yes Using DNS over HTTPS (DoH) Yes Using DNS over TLS (DoT) No Using DNS over WARP No AS Name Cloudflare AS Number 13335 Cloudflare Data Center AMS Interestingly my ISP DNS DNS1:198.251.50.199 DNS2:198.251.50.200 Does not resolve certain sites.
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

I have a ? result for secure DNS, result from Cloudfllare test site . I have also opened a question on cloudflare and no answer as of yet 4-dec-2019 has been provided. There appears to be manipulation of the cloudflare site for 1.1.1.1./help

[test site]


any ideas

I have a ? result for secure DNS, result from Cloudfllare test site . I have also opened a question on cloudflare and no answer as of yet 4-dec-2019 has been provided. There appears to be manipulation of the cloudflare site for 1.1.1.1./help [[https://www.cloudflare.com/ssl/encrypted-sni/|Cloudflare test site]] any ideas

Okulungisiwe ngu Mace2

Ingabe lokhu kube usizo kuwena?
Isicaphuno
Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.