1.1.1.3 + Android Automatic Private DNS = No Filtering

Hi,

I noticed today that adult sites are no longer being filtered on Android. I double-checked and the correct resolvers are set via DHCP. Then I noticed that Private DNS showed it was active. 1.1.1.1/help also confirms that DoT is being used. Setting Private DNS to off restored the adult filter. Can you please make sure that Android’s automatic DoT applies the same filtering that is specified by the DHCP resolvers?

Thanks

https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJZZXMiLCJpc0RvaCI6Ik5vIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiT1JEIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

I just noticed an issue with Android private DNS today. I am specifying 1.1.1.3 via DHCP to my phones. With private DNS set to Automatic, I am able to access adult sites. Disabling private DNS resolves the issue. I did not have this same problem when testing 1.1.1.3 on Android several days ago.

Hi @bsnowden,

DNS over TLS support for 1.1.1.3 is on the way; the setup instructions will be updated once released.

I don’t really care about private DNS. I care about the content filtering. The default for Android is automatic private DNS which causes content filtering to stop working even though the resolvers are set to 1.1.1.3. Automatic private DNS should not be causing queries to go to 1.1.1.1 instead of 1.1.1.3.

:wave: @bsnowden

Android private DNS uses DoT which isn’t yet supported by 1.1.1.3.

— OG

But it is available automatically now. That is the problem. Resolvers are set to 1.1.1.3. Content filtering worked fine on Android once they started returning 0.0.0.0 for blocked queries instead of refusing queries. Now all of a sudden content filtering is not working because Android is activating private DNS where it previously did not with 1.1.1.3 set. Cloudflare needs to make sure that Android does not enable private DNS to 1.1.1.1 when resolvers are set to 1.1.1.3. DoT would be nice to have to 1.1.1.3 but until they get it working, they need to make sure Android does not detect DoT as being available, as it is currently automatically enabling DoT to 1.1.1.1, thus removing all content filtering.

Just curious if anyone is working on this issue, as content filtering is still not working with 1.1.1.3 because Android automatic private DNS is still activating to 1.1.1.1 when resolvers are set to 1.1.1.3. I am switching my home back to OpenDNS FamilyShield until this is resolved.
Thanks
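
Added example, not part of the thread and not Cloudflare's code: a check for the behavior reported above, asking a resolver for the same name over plain DNS (UDP 53) and over DoT (TCP 853) and flagging the case where only the plain answer is the 0.0.0.0 block address. `blocked.example` is a placeholder for a name the filter is known to block, and every function name here is this example's own.

```python
import socket, ssl, struct
BLOCK_ADDR = "0.0.0.0"  # per the thread, blocked names are answered with 0.0.0.0

def build_query(name, qid=0x1234):  # minimal recursive A/IN query
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.strip(".").split("."))
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + labels + b"\0" + struct.pack("!2H", 1, 1)

def _skip_name(msg, off):  # offset just past a name, which may end in a compression pointer
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def a_records(msg):
    """IPv4 addresses in the answer section of a DNS response."""
    qd, an = struct.unpack("!2H", msg[4:8])
    off, addrs = 12, []
    for _ in range(qd):
        off = _skip_name(msg, off) + 4
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return addrs

def ask(server, name, dot=False):
    """Query over UDP 53, or over DoT (TLS on TCP 853, 2-byte length prefix)."""
    q = build_query(name)
    if not dot:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(3)
            s.sendto(q, (server, 53))
            return s.recvfrom(4096)[0]
    # the default context validates the certificate against the resolver IP
    raw = socket.create_connection((server, 853), timeout=3)
    with ssl.create_default_context().wrap_socket(raw, server_hostname=server) as tls:
        tls.sendall(struct.pack("!H", len(q)) + q)
        f = tls.makefile("rb")
        return f.read(struct.unpack("!H", f.read(2))[0])

def filter_bypassed(udp_msg, dot_msg):
    """True when a name is blocked on port 53 but resolves normally over DoT."""
    dot = a_records(dot_msg)
    return BLOCK_ADDR in a_records(udp_msg) and bool(dot) and BLOCK_ADDR not in dot

def sample_response(name, addr):  # constructed sample reply, not captured traffic
    q = build_query(name)
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 60, 4) + socket.inet_aton(addr)
    return q[:2] + struct.pack("!5H", 0x8180, 1, 1, 0, 0) + q[12:] + rr
```

On a live network, pass the DHCP-assigned resolver to `ask()` twice, once with `dot=True`, and feed both replies to `filter_bypassed()`.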