Android DNS

I’ve changed my Android Pie to use This seems to work fine when I’m on my home WiFi. But on my work’s WiFi, the WiFi says “No internet”. If I change back to default DNS, I don’t have this problem. So I guess it’s incompatible with my work’s WiFi. Is there any way to use the Cloudflare DNS all the time except when I’m on work’s WiFi? I also tried the app, but it uses a LOT of battery.

1 Like

My guess would be your company’s ISP hijacks Cloudflare’s address. Check out Have problems with *Read Me First*

You may be right. I’m not sure what to search for or where to search to find whether the domain I’m reporting already has an entry. My company uses some ISP locally; I think from the tracert it’s ATT. The tracert is the only debugging command that works. The nslookup to and fails, although nslookup to works. Is this enough information to submit somewhere?

Meaning? Can you post that output? What about the other debug commands from the article?

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

Same as above for nslookup to, and for “nslookup -class=chaos -type=txt id.server”.


Non-authoritative answer:
Addresses: 2606:2800:220:1:248:1893:25c8:1946

And tracert:

Tracing route to []
over a maximum of 30 hops:

1 1 ms <1 ms <1 ms []
2 1 ms 1 ms 1 ms
3 7 ms 4 ms 4 ms []
4 32 ms 34 ms 31 ms []
5 29 ms 28 ms 29 ms []
6 29 ms 28 ms 28 ms []
7 29 ms 29 ms 29 ms
8 29 ms 30 ms 29 ms
9 30 ms 30 ms 30 ms
10 30 ms 29 ms 29 ms
11 30 ms 30 ms 30 ms
12 30 ms 30 ms 30 ms []
13 31 ms 32 ms 31 ms
14 31 ms 31 ms 30 ms []

True, the trace would indicate you reach Cloudflare.

Maybe they did not hijack the address itself but only the lookup, just speculating.

Can you run the following command in a PowerShell command prompt?

(Invoke-WebRequest -Uri '').RawContent

PS C:\windows\system32> (Invoke-WebRequest -Uri ‘’)
HTTP/1.1 200 OK
Connection: keep-alive
Access-Control-Allow-Origin: *
Expect-CT: max-age=604800, report-uri=“
CF-RAY: 4be4d04619ac51ca-SJC
Content-Length: 289
Cache-Control: max-age=484
Content-Type: application/dns-json
Date: Wed, 27 Mar 2019 22:31:16 GMT
Server: Cloudflare

{“Status”: 0,“TC”: false,“RD”: true, “RA”: true, “AD”: true,“CD”: false,“Question”:[{“name”: “”, “type”:
1}],“Answer”:[{“name”: “”, “type”: 1, “TTL”: 484, “data”: “”},{“name”: “”, "
type": 1, “TTL”: 484, “data”: “”}]}

So you can reach Cloudflare and you can resolve via DoH but not via a regular lookup.

And Private DNS on Android does not work either? That would hint at DoT not working either (maybe they block TCP port 853).

Do you have a Unix machine at hand?

I do have a Unix machine at hand. I’m not sure whether its connectivity is the same. Also, this is what I get on my PC:

And this is what I get on my phone connected to the corporate WiFi:

And to re-state the original problem, when I use Private DNS on Android, I am completely disconnected from WiFi. In settings, the WiFi icon says “No internet”.

If you can clarify this you could debug it further.

I guess it says so because it cant resolve anything. Just a guess.

We have Unix machines which I think are more protected. I’m not sure whether they have direct access to the internet. I log into them through Go-Global.