22.7.5 - Cloudflare Secure DNS not working

Started by themadwizard, October 07, 2022, 03:30:37 AM

October 07, 2022, 03:30:37 AM Last Edit: October 07, 2022, 08:17:02 AM by themadwizard
Hello!

Last night, I upgraded to 22.7.5.  Immediately after, any browser on the network that uses Secure DNS through Cloudflare is unable to load any secure sites.  I don't really even know where to start looking for the problem.  No settings have changed since before the upgrade.  I am running a filtering proxy, and I added 1.1.1.1 to the SSL No Bump list just in case, but that didn't help.  My normal DNS for the firewall is OpenDNS and doesn't seem to be having an issue.  I have all DNS requests captured and forwarded to Unbound.

Any thoughts?

Update: Cloudflare isn't the only one that doesn't work.  One of the Android phones was set to use AdGuard as a Private DNS and no secure sites would work on that phone until that setting was disabled (or it was connected to the cell network).

October 08, 2022, 03:53:40 PM #1 Last Edit: October 08, 2022, 03:57:08 PM by sot3
I don't know much about how your proxy is configured, but secure DNS runs over either TLS on port 853 or HTTPS on port 443.  I'd guess that you're using DNS over HTTPS (DoH) and that's trying to pass through your proxy and can't.  Do you have the option to switch to DNS over TLS (DoT)?

October 15, 2022, 08:55:43 AM #2 Last Edit: October 15, 2022, 09:29:20 AM by themadwizard
Some things might let me switch over to DNS over TLS, but the Netflix app won't, and neither will the various Xbox and Microsoft services, which are also failing due to this.

I updated to 22.7.6 a little bit ago and bounced Squid a couple of times, and it appears to be working now.  Will update if there are further issues.

October 15, 2022, 08:59:57 AM #3 Last Edit: October 15, 2022, 09:30:27 AM by themadwizard
[Edit: Deleted]