"private dns server cannot be accessed" on Android

mullvad / dns-blocklists

Lists and configuration for our DNS blocking service

1.07k stars 45 forks source link

"private dns server cannot be accessed" on Android #17

Closed cubagithub closed 2 years ago

cubagithub commented 2 years ago

Hello.

I'm connected to Mullvad via wireguard in Android 11, and have Private DNS configured to adblock.doh.mullvad.net as per https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/

I receive the messages "private dns server cannot be accessed" "mobile network has no internet access" despite being able to resolve the DNS endpoint's hostname, and connectivity actually being fine.

Question: Is a Google/Android connectivity checker blocked by an entry in these lists?

Private DNS

private_DNS

Connectivity check lookup

connectivitycheck

Mobile network has no internet access: Private DNS server cannot be accessed

DNS_Error

Mullvad connection check

mullvad_check

DOH server lookup

DNS_lookup

oskaralmlov commented 2 years ago

Hi, thanks for reaching out.

I had a look at this and from what I'm seeing that specific domain is not blocked from being resolved. I did a quick google search and there appears to be multiple domain that are used for this check depending on which android version you're using. I tried a couple but I can't see that they're being blocked:

$ dig connectivitycheck.gstatic.com connectivitycheck.android.com  @adblock.doh.mullvad.net +short
216.58.207.227
142.250.74.78

So going by the results when resolving the domain you provided and the one I found it appears we're not blocking any of them.

Should you need further help with troubleshooting this specific issue it's better to contact our support team (support@mullvad.net). They have more experience with dealing with these kind of issues and have access to devices on which they can reproduce the issue.

Have a good one!

xanoni commented 2 years ago

Any updates on this? Seeing the same error message on a stock Android 12 device. Both AdBlock and non-adblock DOH affected. Using Mullvad VPN app.

WiFi indicator in top right of screen shows exclamation mark.

Addresses resolve. Connection check succeeds.

Your DNS requests originate from:

IP Address 89.46.62.132
us-nyc-dns-201
M247
USA

Edit: exclamation mark seems transitory... It disappeared now.

oskaralmlov commented 2 years ago

Any updates on this? Seeing the same error message on a stock Android 12 device. Both AdBlock and non-adblock DOH affected. Using Mullvad VPN app.

WiFi indicator in top right of screen shows exclamation mark.

Addresses resolve. Connection check succeeds.
Your DNS requests originate from:

IP Address 89.46.62.132
us-nyc-dns-201
M247
USA
Edit: exclamation mark seems transitory... It disappeared now.

Hi!

For how long was the issue ongoing? An approximate of the time it started and when it went away would be great to know. Also, did you change which relay you were connected to during this time? If yes; did it help with making the issue go away and to which relay did you change?

Thanks.

xanoni commented 2 years ago

I no longer have this information, and I no longer have the same issue.

However, I noticed that on one specific WiFi, Android tells me that the WiFi doesn't provide Internet, while it does.

But could be anything, so would say for now that this issue no longer affects me.

Dyrimon commented 1 year ago

@oskaralmlov Hi, I'm facing the same issue on android 11. I tested other ad-blocking dns servers (controlD) and they work properly. Mullvad dns cannot be connected to when using DoT in the private DNS settings.