[SOLVED] 1.1.1.1/help debug result changes over time (even if i changed the dns in router)

Jan 12, 2022
1
0
10
Hello everyone, I just followed the steps to put 1.1.1.1 DNS on my android phone as well as my router.
In the help page found here: https://1.1.1.1/help , here are my results on Android:
Connected to 1.1.1.1: No
Using DNS over HTTPS (DoH): No
Using DNS over TLS (Dot): No
1.1.1.1: Yes
1.0.0.1: Yes
[… the other two iPv6 connections]: No

I refreshed the page several times and the result changes over time if i disconnect/connect the router without changing any config.
As for when my wifi is on, I get the following results (on my android/linux/windows machines):
Connected to 1.1.1.1: Sometimes no, sometimes yes (which is weird?)
Using DNS over HTTPS (DoH): No (this also varies sometimes, but the number of 'No' is greater)
Using DNS over TLS (Dot): No
1.1.1.1: Yes
1.0.0.1: Yes
[… the other two iPv6 connections]: No
Also, how do I activate using DNS over HTTPS?
Thanks for your help!
 
Solution
The problem would be if the phone is using the router as a proxy dns. This is the default.

To use things like DNS over HTTPS it needs to talk directly to the dns server since it is encrypted. The router in effect is doing a man in the middle attack. In theory at least it is suppose to improve performance because the router will cache results but it seem to cause more issues than it solves.

If you force the phone to use 1.1.1.1 as it dns server and never use the router as a proxy you should see "yes".

This has been made somewhat more complex by google...who also to point supports encrypted dns. The chrome browser and maybe others allow you to put the DNS in the browser itself. This will override the setting you placed...
Hi i dont know if the following will work on an android phone but this is what a lot of people were told to do when something happened to microsofts update server a few years ago and you could not connect to updates.

NOTE .... these instructions are for pc so the route to your settings may vary but as you have printed the figures you obviously know where to find them

right click the icon to the internet to the left of your speaker icon , click on change adaptor options , right click your internet connection icon and choose properties , click on internet protocol v 4 to highlight it then properties , on the bottom half of the page you are looking at now , click on the button use the following dns , now in the first box you need 8 8 8 8 and in the second you need 8 8 4 4 , finally tick validate settings before exit .
 
The problem would be if the phone is using the router as a proxy dns. This is the default.

To use things like DNS over HTTPS it needs to talk directly to the dns server since it is encrypted. The router in effect is doing a man in the middle attack. In theory at least it is suppose to improve performance because the router will cache results but it seem to cause more issues than it solves.

If you force the phone to use 1.1.1.1 as it dns server and never use the router as a proxy you should see "yes".

This has been made somewhat more complex by google...who also to point supports encrypted dns. The chrome browser and maybe others allow you to put the DNS in the browser itself. This will override the setting you placed in the say the nic. Not sure I have not messed with this on a phone so I can't say if it all works the same
I know there are many things you can set on wifi you can't set when it is use mobile broadband network.

At the moment I have the nic on this pc set to 8.8.8.8 and the chrome browser set to use 1.1.1.1. I did not set firefox so chrome uses cloudflare and firefox uses google, not encrypted from what I can tell.
 
Solution