Private DNS doesn't work in mobile network

I am unable to use Cloudflare dns as “private dns” in mobile networks. I’ve configured 1dot1dot1dot1.Cloudflare-dns.com as address. If I disable wifi it will show “Couldn’t connect” in Settings->Wifi&Internet->Private DNS after some seconds.

Device/OS: Oneplus 6 with Android P OxygenOS (beta 2)
Country: Austria
Mobile isp: “yesss!” which is a discounter in the “A1 Austria” mobile network.

Unfortunately I cannot test it with another mobile isp because I don’t know anyone else with android p & a different isp. However I am able to ping 1.1.1.1 from my phone with a normal ping (avg 70-100, max. ~350)

I’m not sure whether using your own DNS servers (without a VPN) is possible at all. I worked for several years at a provider in Germany, and there was no using your own DNS servers there. That was a few years ago, though.

Telekom even kicks me out of its hotspots if I use the DNS in my VPN instead of the one assigned via DHCP.

Can you run a traceroute to 1.1.1.1 from your phone? Via 4G

Let’s keep it in English so other people understand what we’re talking about.

As I said in the OP I am using the new “private dns” feature of android P. It allows you to configure a private dns server which will as far as I know override mobile network and wifi dns.

I tried to do a traceroute but it always shows me “Request timed out”.

Need to correct myself, the traceroute only timed out for some hops. So I got 6 timeouts. After them I see

195.3.64.10 (2000ms)
193.203.0.195 (48ms)
1.1.1.1 (30ms)

EDIT:

  • The port is not blocked. I opened a server with the dns over tls port (853) and I was able to connect using telnet.
  • The quad9 dns works (dns.quad9.net)

I’m experiencing the same issues with a similar setup:

Device/OS: OnePlus 6T with Android P OxygenOS 9.0.7
Mobile ISP: A1 Austria

Symptoms are basically identical as well - private DNS using 1dot1dot1dot1.Cloudflare-dns.com works just fine when I’m using WiFi (at home also provided by A1 Austria), however the private DNS setting will show “Couldn’t connect” after a few seconds of enabling it.

Pings/traceroutes to 1.1.1.1 work just fine, although the first few hops time out, but I assume that’s just A1’s network setup.
I’ve also tried using the 1.1.1.1 app, which doesn’t appear to have this trouble (I have to disable/reenable the connection every few days, but that’s probably just another minor, unrelated hiccup or Android acting up).

It happens less often to me now however it still does. Might be a problem with A1, it would be nice if Cloudflare could do some investigation on it, because as a random customer we probably won’t get the same contacts there.

Yeah, I assume it’s something related to their mobile network routing…
The private DNS option of Android P is still completely unusable for me, it usually works once after a restart for about 30 seconds and then just claims it can’t connect anymore, forcing me to disable it again.
I’ve been using the 1.1.1.1 app since then, which is also fine, although using it natively in Android would obviously be even better :smile:
I’ll see if I can convince a friend to lend me their T-Mobile Austria SIM card for a few minutes so I can test it with the same phone…

I have the same issue.

Device/OS: Samsung Galaxy S9+ Android P
Mobile ISP: A1 Austria

1dot1dot1dot1.Cloudflare-dns.com works fine on WiFi, but on mobile network doesn’t.
I tried Google (dns.google) and Quad9 (dns.quad9.net); both work perfectly on WiFi and mobile network (A1).
My OpenWRT router + stubby works perfectly with Cloudflare-dns.com DNS over TLS on A1.
On my cell phone I now use (dns.google), until the error is resolved.

Same issue here. Private DNS does NOT work while I am on a mobile network.
Samsung GS10, Android 9.

https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJZZXMiLCJpc0RvaCI6Ik5vIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6IlllcyIsInJlc29sdmVySXAtMjYwNjo0NzAwOjQ3MDA6OjEwMDEiOiJZZXMiLCJkYXRhY2VudGVyTG9jYXRpb24iOiJPUkQiLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

Same issue here

OnePlus 3T
Android Pie, OOS 9.0.4

Cloudflare DNS does not work on mobile network but it works on wifi.

I’ve tested on Orange (Romania) & Vodafone (Romania)

I’ve setup the Private DNS to one.one.one.one

So having established that a lot of people (me included) are having the same issue, does anyone have an idea of a potential fix?

A post was merged into an existing topic: DNs over TLS doesn’t work for Android

I have the same issue while on mobile network.
I use two different mobile providers with my Note 10+ Dual Sim phone in Turkey, Turkcell and Vodafone.

While on Turkcell mobile network, everything works fine. When I switch to Vodafone network, it says that the private dns cannot be reached and I cannot access the internet.

Everything works fine on WiFi and Turkcell mobile network. This problem only happens on Vodafone mobile network.

I can use the VPN apps to change the dns without a problem.

Is there anyone with a solution?

Solution here:

I cannot understand how your topic is related to this problem. The same setting (under system settings) works for one mobile ISP while it does not work on the other mobile ISP. Nothing is changed except the active mobile data SIM. Changing the mobile data from Turkcell SIM to Vodafone SIM without touching any other setting, the internet connection is lost, and it says that the private dns address cannot be reached.
Switching back to the previous mobile data Turkcell SIM, the private DNS address is resolved and internet access is restored.

Yours is a different problem, and it can be explained by the simple fact that Vodafone may be blocking traffic to cloudflare or it may be due to operator routing problems.

But as you yourself say, the private DNS works perfectly with Turkcell and therefore automatically excludes problems related to the correct functioning of the service.

I’ll give you a practical example to make you understand the context in which you need to think:
If you and I are on the same network but in two different access points, and I can use gmail and you do not, it does not mean that gmail is not working but it could be a blocking problem rather than a routing problem that you get on your path and I don’t.


Ah, got it. Thanks for the detailed answers. I have since made a ticket with the service provider (Vodafone) and still waiting on an answer from their investigation team, but don’t have much hope that they can solve it.
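
Added example, not part of the original thread: a staged DNS-over-TLS probe that reports whether the failure discussed above occurs at resolving the DoT hostname, at the TCP connect to port 853, at the TLS handshake with certificate verification, or in the DNS exchange itself. The function names, the query ID and the `example.com` test name are assumptions of this example; the hostname is the one configured in the thread, and the script is meant to be run once on WiFi and once on mobile data.

```python
import socket, ssl, struct

QID = 0x1234  # constructed query ID, echoed back by the resolver

def build_query(name, qid=QID):
    """Plain DNS query for an A record with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def frame(msg):  # DoT (RFC 7858) uses DNS-over-TCP framing: 2-byte length prefix
    return struct.pack("!H", len(msg)) + msg

def read_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

def probe(tls_name, ip=None, qname="example.com", port=853, timeout=5.0):
    """Return (stage, detail); stage names the first step that failed, or 'ok'."""
    try:
        # Hostname mode first resolves the DoT name via the network's own DNS.
        ip = ip or socket.getaddrinfo(tls_name, port, type=socket.SOCK_STREAM)[0][4][0]
    except OSError as e:
        return ("resolve", str(e))
    try:
        raw = socket.create_connection((ip, port), timeout=timeout)
    except OSError as e:
        return ("tcp", str(e))
    try:
        # The default context verifies the certificate chain and tls_name.
        tls = ssl.create_default_context().wrap_socket(raw, server_hostname=tls_name)
    except OSError as e:  # ssl.SSLError is a subclass of OSError
        raw.close()
        return ("tls", str(e))
    with tls:
        try:
            tls.sendall(frame(build_query(qname)))
            reply = read_exact(tls, struct.unpack("!H", read_exact(tls, 2))[0])
        except OSError as e:
            return ("dns", str(e))
    if len(reply) < 12 or struct.unpack("!HH", reply[:4])[0] != QID:
        return ("dns", "malformed or mismatched reply")
    return ("ok", f"rcode={reply[3] & 0x0F}, {len(reply)} bytes")

if __name__ == "__main__":
    print(probe("1dot1dot1dot1.cloudflare-dns.com"))
```

A `tcp` or `tls` result on mobile data alongside `ok` on WiFi points at the carrier path rather than the resolver; passing `ip="1.1.1.1"` skips the resolve stage to separate the two.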