Brave Browser DoH stops working using WARP

I just got a WARP tunnel running on my Mac using a Brave Browser. With the tunnel disabled I have DoH, with the tunnel enabled DoH isn’t working according to Cloudflare ESNI checker. Any idea how I can have WARP and DoH? Please advise, thanks!

Ian

This came up a few days ago as well, good thread here, 1.1.1.1 DoH not working on Brave.

Canada, Toronto area?

No, Seattle.

What's the output of these commands?

dig +short CHAOS TXT id.server @1.1.1.1
dig +short CHAOS TXT id.server @1.0.0.1
curl -vH 'accept: application/dns-json' 'https://cloudflare-dns.com/dns-query?name=cloudflare.com'

SEA
SEA

Wrong host, run the command again :wink:

    Last login: Fri Dec 13 08:03:34 on ttys000

    The default interactive shell is now zsh.
    To update your account to use zsh, please run chsh -s /bin/zsh.
    For more details, please visit https://support.apple.com/kb/HT208050.
    ians-MacBook-Pro:~ ianrobertson$
    ians-MacBook-Pro:~ ianrobertson$ curl -vH 'accept: application/dns-json' 'https://cloudflare-dns.com/dns-query?name=cloudflare.com'
    *   Trying 104.16.248.249...
    * TCP_NODELAY set
    * Connected to cloudflare-dns.com (104.16.248.249) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    *   CAfile: /etc/ssl/cert.pem
      CApath: none
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
    * ALPN, server accepted to use h2
    * Server certificate:
    *  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=cloudflare-dns.com
    *  start date: Jan 28 00:00:00 2019 GMT
    *  expire date: Feb 1 12:00:00 2021 GMT
    *  subjectAltName: host "cloudflare-dns.com" matched cert's "cloudflare-dns.com"
    *  issuer: C=US; O=DigiCert Inc; CN=DigiCert ECC Secure Server CA
    *  SSL certificate verify ok.
    * Using HTTP2, server supports multi-use
    * Connection state changed (HTTP/2 confirmed)
    * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    * Using Stream ID: 1 (easy handle 0x7f9090805400)
    > GET /dns-query?name=cloudflare.com HTTP/2
    > Host: cloudflare-dns.com
    > User-Agent: curl/7.64.1
    > accept: application/dns-json
    * Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
    < HTTP/2 200
    < date: Fri, 13 Dec 2019 16:30:30 GMT
    < content-type: application/dns-json
    < content-length: 285
    < access-control-allow-origin: *
    < cache-control: max-age=73
    < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    < server: cloudflare
    < cf-ray: 544952ae6d2cbcb4-SEA
    <
    {"Status": 0,"TC": false,"RD": true, "RA": true, "AD": true,"CD": false,"Question":[{"name": "cloudflare.com.", "type": 1}],"Answer":[{"name": "cloudflare.com.", "type": 1, "TTL": 73, "data": "104.17.175.85"},{"name": "cloudflare.com.", "type": 1, "TTL": 73, "data": "104.17.176.85"}]}* Closing connection 0
    ians-MacBook-Pro:~ ianrobertson$ Last

Alright, I just noticed you actually don't have an issue with DoH, but rather it is an issue in the context of Warp.

That was my guess. The flag is set for DoH and it works fine out of the tunnel and doesn’t work in the tunnel. What should be my next move to resolve this?