cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why have Plusnet blocked secure DNS?

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,887
Thanks: 4,979
Fixes: 316
Registered: ‎04-04-2007

Re: Why have Plusnet blocked secure DNS?

‎28-07-2020 9:38 AM

@pv we considered a similar approach back when we deployed it.

Anyway, for anybody suffering this problem who might want to leave Safeguard enabled: I've done a bit of tinkering and it seems that whitelisting your DoT resolver of choice will also work around this problem:-

saveguard.JPG

nslookup dns.google 213.120.234.38
Server:  indnsc102.bt.net
Address:  213.120.234.38

Non-authoritative answer:
Name:    dns.google
Addresses:  2001:4860:4860::8844
          2001:4860:4860::8888
          8.8.8.8
          8.8.4.4


>nslookup 1dot1dot1dot1.cloudflare-dns.com 213.120.234.38
Server:  indnsc102.bt.net
Address:  213.120.234.38

Non-authoritative answer:
Name:    1dot1dot1dot1.cloudflare-dns.com
Addresses:  2606:4700:4700::1111
          2606:4700:4700::1001
          1.0.0.1
          1.1.1.1


>nslookup dns.quad9.net 213.120.234.38
Server:  indnsc102.ukcore.bt.net
Address:  213.120.234.38

Non-authoritative answer:
Name:    dns.quad9.net
Addresses:  2620:fe::fe
          2620:fe::9
          149.112.112.112
          9.9.9.9

 

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Message 46 of 55
(2,950 Views)
pv
Grafter
Posts: 84
Thanks: 8
Registered: ‎12-06-2019

Re: Why have Plusnet blocked secure DNS?

‎28-07-2020 11:45 AM

@bobpullen wrote:

@pv we considered a similar approach back when we deployed it.

 

I see. Interesting the idea was abandoned then, I'm generally of the opinion that if you are going to implement something that is so trivial to circumvent, you might as well not bother at all.

Message 47 of 55
(2,926 Views)
0 Thanks
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: Why have Plusnet blocked secure DNS?

‎28-07-2020 7:09 PM

So Safeguard blocks access to DNS resolvers such as google and 1.1.1.1 by default?

 

"In The Beginning Was The Word, And The Word Was Aardvark."

Message 48 of 55
(2,905 Views)
0 Thanks
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,887
Thanks: 4,979
Fixes: 316
Registered: ‎04-04-2007

Re: Why have Plusnet blocked secure DNS?

‎28-07-2020 7:48 PM - edited ‎28-07-2020 7:49 PM

No. It blocks access to the hostname equivalents; the ones you would use to configure a device for DNS over TLS.

If you configure a client to simply use the IP address of another traditional DNS resolver, then Safeguard doesn't get a say in it.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Message 49 of 55
(2,892 Views)
Horvi
Newbie
Posts: 2
Registered: ‎30-07-2020

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 12:49 PM

Same issue here, it took me a while to find out what's wrong with my phone, since it's the only phone in the house that uses private dns. But it stopped working a 1-2 weeks ago. On mobile data, it works just fine. Any solution for this?

Message 50 of 55
(2,878 Views)
0 Thanks
MisterW
Superuser
Superuser
Posts: 14,709
Thanks: 5,498
Fixes: 393
Registered: ‎30-07-2007

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 1:00 PM

@Horvi  check this thread https://community.plus.net/t5/Tech-Help-Software-Hardware-etc/Why-have-Plusnet-blocked-secure-DNS/td... .  It appears that you may need to whitelist the private dns urls if you have Safeguard enabled

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Message 51 of 55
(2,869 Views)
0 Thanks
Anonymous
Not applicable

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 1:07 PM - edited ‎30-07-2020 1:09 PM

@Horvi wrote:

Any solution for this?

 

See workaround here -  Why have Plusnet blocked secure DNS? 

 

EDIT: @MisterW beat me to it !

Message 52 of 55
(2,867 Views)
0 Thanks
Horvi
Newbie
Posts: 2
Registered: ‎30-07-2020

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 2:05 PM

Thank you guys! However I'm not sure how to do it. Please pretend I'm a 5y old. I used dns.adguard.com on my phone. How to whitelist it? Thanks Smiley
Message 53 of 55
(2,846 Views)
0 Thanks
MisterW
Superuser
Superuser
Posts: 14,709
Thanks: 5,498
Fixes: 393
Registered: ‎30-07-2007

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 2:27 PM - edited ‎30-07-2020 2:47 PM

@Horvi  look above at post 46.

Login to your account on the member centre, click the broadband icon and select Safeguard from the Help and settings links towards the bottom of the page.

Then select Allow websites and enter dns.adguard.com into the Add a website box and click Add

 

That should just about do it...

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Message 54 of 55
(2,836 Views)
0 Thanks
dvorak
Moderator
Moderator
Posts: 29,498
Thanks: 6,627
Fixes: 1,483
Registered: ‎11-01-2008

Re: DNS over TLS (Private DNS) on Android suddenly stopped working overnight

‎30-07-2020 2:28 PM


Moderators Note


Topics merged and then moved to Everything Else from Fibre. 

Customer / Moderator
If it helped click the thumb
If it fixed it click 'This fixed my problem'
Message 55 of 55
(2,834 Views)
0 Thanks