Reddit thread on encrypted DNS blocking in Indonesia

[wkrp]

https://www.reddit.com/r/indonesia/comments/tzj5h4/help_i_cant_access_reddit_now_megathread/ (archive)

A thread on /r/indonesia dated 2022-04-12 says that many ISPs have started blocking encrypted DNS (DNS over HTTP, DNS over TLS, etc.) servers. Apparently, using encrypted DNS had formerly been an easy way of circumventing blocks on Reddit. It looks like the level of blocking is variable over ISPs.

Summary of accessibility of Reddit with Indonesian mobile operators and fixed ISPs (as of 12 April 2022):

• Mobile operators: Most operators are already blocking alternative Domain Name System (DNS) resolvers, with DNS hijacking, DNS redirection, Transmission Control Protocol (TCP) reset attack, Server Name Indication (SNI) filtering, and Deep Packet Inspection (DPI). Solution is to use a DPI bypass software (dpitunnel, GoodbyeDPI, GreenTunnel, PowerTunnel), Virtual Private Network (VPN), or Tor
• Certain mobile operators aren't implementing the new blocking mechanism yet, meaning that encrypted DNS systems like DNS over TLS may still usable
• Fixed ISPs (fibre or hybrid fibre coaxial): Encrypted DNS systems like DNS over HTTPS, DNS over TLS, DNS over QUIC, and DNSCrypt still work with most fixed ISPs. Modified host file (like bebasid) also still work. Some fixed ISPs are already implementing DNS hijacking, DNS redirection, SNI filtering, and DPI and if that happened with your connection, you can use a DPI bypass software (dpitunnel, GoodbyeDPI, GreenTunnel, PowerTunnel), VPN, or Tor
• Certain fixed ISPs are only partially redirecting alternative DNS resolvers (those hosted outside Indonesia), for example MyRepublic. You can use an alternative DNS resolver based in Indonesia to bypass the block (Cloudflare 1.1.1.1 and Quad9 have Indonesian-based resolvers)

Linked from https://ntc.party/t/encrypted-dns-doh-dot-sni-block-in-indonesia/2315

[merdekaid]

MyRepublic sadly has redirected port 53 going to local, same as other ISP 😔