cancel
Showing results for 
Search instead for 
Did you mean: 

“This network is blocking encrypted DNS traffic.”

lucy5
Grafter
Posts: 37
Thanks: 3
Registered: ‎04-04-2019

“This network is blocking encrypted DNS traffic.”

The above privacy warning has just appeared on my iPhone WiFi settings in reference to my Plusnet WiFi connection. It goes on to say that other devices can monitor and record websites and servers accessed by my device. Can anyone help? Thank you
28 REPLIES 28
jab1
Legend
Posts: 16,817
Thanks: 5,339
Fixes: 248
Registered: ‎24-02-2012

Re: “This network is blocking encrypted DNS traffic.”

Never seen that on either my iPhone or iPad. Can you possibly post a screenshot of the message?

John
dvorak
Moderator
Moderator
Posts: 29,473
Thanks: 6,623
Fixes: 1,482
Registered: ‎11-01-2008

Re: “This network is blocking encrypted DNS traffic.”

It sounds like a scammy ad, I too have never seen that and Private Relay would give a different error (and you'd have had to switch that on purposefully).

As @jab1 says a screenshot would be helpful.
Customer / Moderator
If it helped click the thumb
If it fixed it click 'This fixed my problem'
Eremite
Newbie
Posts: 1
Registered: ‎27-03-2021

Re: “This network is blocking encrypted DNS traffic.”

I have just started having the same message. I attach a screen shot.

jab1
Legend
Posts: 16,817
Thanks: 5,339
Fixes: 248
Registered: ‎24-02-2012

Re: “This network is blocking encrypted DNS traffic.”

I think I had that when I first upgraded to iOS 15 - re-reading it, it is nothing to worry about, as only other devices connected to YOUR network can monitor or record anything, and the chances of a rogue connecting to your network are remote.

John
elvenheart
Newbie
Posts: 2
Thanks: 1
Registered: ‎10-11-2021

Re: “This network is blocking encrypted DNS traffic.”

Hi, My son had this a few days back on his iphone. Checked and possibly we reconnected to wifi and all is working. I don't think it's anything serious. If all is working don't worry.

jab1
Legend
Posts: 16,817
Thanks: 5,339
Fixes: 248
Registered: ‎24-02-2012

Re: “This network is blocking encrypted DNS traffic.”

@elvenheart See my post above. It is absolutely nothing to worry about - just Apple covering themselves (probably for the litigious US market).

John
MJN
Pro
Posts: 1,318
Thanks: 161
Fixes: 5
Registered: ‎26-08-2010

Re: “This network is blocking encrypted DNS traffic.”


@jab1 wrote:

I think I had that when I first upgraded to iOS 15 - re-reading it, it is nothing to worry about, as only other devices connected to YOUR network can monitor or record anything, and the chances of a rogue connecting to your network are remote.


No, it's more than that - it means that DNS queries are visible between the device and the recursive resolver, which would be Plusnet's DNS server by default. If you have an alternative resolver configured - such as Google, Cloudflare etc - then any blocking of encrypted DNS (whether that be by the router, the ISP etc) means that exposure window is increased. The potential for exposure is not limited to the local network, although I can see why you might think that given Apple's ambiguous wording. 

@jab1 wrote:

@elvenheart See my post above. It is absolutely nothing to worry about - just Apple covering themselves (probably for the litigious US market).

The warning isn't for Apple's benefit, it is for users who might be concerned about DNS queries being sent for resolution unencrypted.

 

jab1
Legend
Posts: 16,817
Thanks: 5,339
Fixes: 248
Registered: ‎24-02-2012

Re: “This network is blocking encrypted DNS traffic.”

@MJN Thanks for the explanation, I admit to not being an expert in these matters, but for the vast majority of users, I think it is an overblown reaction. Feel free to correct me.😁

John
Chokelever
Newbie
Posts: 3
Registered: ‎16-12-2021

Re: “This network is blocking encrypted DNS traffic.”

I’m on iOS 14.7 and also get this message. I’m a new user to Plusnet. My broadband was only just activated yesterday (15/12) and this is the first time I’ve seen the privacy warning. It is somewhat worrying.

TheMightyAJ
Plusnet Alumni (retired)
Plusnet Alumni (retired)
Posts: 2,511
Fixes: 126
Registered: ‎26-03-2018

Re: “This network is blocking encrypted DNS traffic.”

Hey @Chokelever

Apologies for any concern this may have caused. This isn't anything to worry about and can be safely ignored Smiley

If this post resolved your issue please click the 'This fixed my problem' button
 Alex H
 Plusnet Help Team
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: “This network is blocking encrypted DNS traffic.”


@MJN wrote:

@jab1 wrote:

I think I had that when I first upgraded to iOS 15 - re-reading it, it is nothing to worry about, as only other devices connected to YOUR network can monitor or record anything, and the chances of a rogue connecting to your network are remote.


No, it's more than that - it means that DNS queries are visible between the device and the recursive resolver, which would be Plusnet's DNS server by default. If you have an alternative resolver configured - such as Google, Cloudflare etc - then any blocking of encrypted DNS (whether that be by the router, the ISP etc) means that exposure window is increased. The potential for exposure is not limited to the local network, although I can see why you might think that given Apple's ambiguous wording. 


Assuming this to be the case, the wording isn't ambiguous, it's outright misleading. I know of no reason why a device cannot be configured to use DoT or DoH whilst connected to a Plusnet router/the Plusnet network Huh

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

MJN
Pro
Posts: 1,318
Thanks: 161
Fixes: 5
Registered: ‎26-08-2010

Re: “This network is blocking encrypted DNS traffic.”


@bobpullen wrote:


Assuming this to be the case, the wording isn't ambiguous, it's outright misleading. I know of no reason why a device cannot be configured to use DoT or DoH whilst connected to a Plusnet router/the Plusnet network Huh


The issue is that the client's configured recursive resolver target needs to support DoT/DoH (ideally every hop in the chain does but the client can only observe the behaviour of the first hop) and, by default, this will be the router or Plusnet's DNS server hence the warning if they don't support it. The warning is only saying how things are, not how they could be if reconfigured.

bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: “This network is blocking encrypted DNS traffic.”

In which case it should say something akin to 'not currently configured to use...' or 'Your DNS traffic is currently unencrypted'.

'Blocking' implies exactly that. That we/the ISP are intentionally preventing the use of something, which is evidently not the case here.

The cynic in me does wonder whether or not the terminology is so aggressive as to push customers towards paid iCloud subscriptions/Private Relay Huh

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

jab1
Legend
Posts: 16,817
Thanks: 5,339
Fixes: 248
Registered: ‎24-02-2012

Re: “This network is blocking encrypted DNS traffic.”

You could be on to something there with your 'cynic' assumption, @bobpullen , and unfortunately there could be many who might fall for it - most users wouldn't spot the obvious.

John