Hi, I am using the latest Android 14 on my S24 Ultra and have experienced no connectivity issues while using the ControlD App (DOH/3), which uses the VPN method.
Understanding that Private DNS on Android devices only supports DOT by design, I decided to test DOT over the past few days. Unfortunately, this has led to numerous connectivity issues, particularly while on a 5G mobile network. When I set the Private DNS provider hostname, it initially works, but after some time, I lose network connectivity, resulting in no internet access.
To restore my connection, I have to switch the Private DNS setting back to Automatic (disabling ControlD). Despite having Auto Authorize IP turned on, it doesn’t seem to resolve the issue.
Could this possibly be an issue with my mobile telco? I’m in Australia with Optus.
I prefer to use the Private DNS method instead of the VPN (app) approach. Has anyone else encountered a similar problem? Could this be an issue with Android itself?
We’ve had other reports of this issue, from other folks on AU Optus. Behavior is the same, and only affects DOT (Private DNS).
All signs point to something “special” on some cellular networks, which only affects DOT for some reason. We’re still investigating, but I recommend sticking with DOH via the app for now.
As others say, your telco is “messing” with you. I use DoT on Android all the time, and I don’t have any issues. I suspect that they are logging DNS requests and can sell that data for commercial usage… that’s why they might block :853. T-Mobile did that once in a while.
I had this same issue with my telco. I previously used Rethink DNS (as others have suggested), which did work for DOH; however, I found that the app would sometimes hang or the connection would time out (never got to the bottom of it).
I now use Tailscale, which did take a bit of time to set up; however, it has been more stable in my experience.
This is a problem with their DoT implementation. Port 853 is not blocked… NextDNS and AdGuard work well. I think this is only to minimize SSL errors while the forwards.
I have the same issue on my Android phone, which uses the native DOT method. The issue only surfaced in recent months. I have a Chrome browser on my laptop which uses DOH and has no such issue. Now I only turn on ControlD on my phone when needed.
Interesting. I was using Quad9’s DoT configuration profiles on my iPhone and MacBook before trying Control D and had no issues when using Optus for Wi-Fi and Amaysim (uses the Optus network) for mobile data.
I just thought I’d comment on my experience with DoT on the Optus network. I know this is over a month old now.
No idea if this is the case for your carrier, but on Orange PL, TCP Fast Open runs into weird issues (connections do establish, so fallback to normal TCP doesn’t trigger, but they don’t actually quite work right, i.e. not fully bidirectionally) due to some MITM proxying they do on *some* of their APNs. DoT usually wants to use TCP Fast Open for performance reasons… I’m sure the fault is some commercial firewall ‘optimization’ gear that does some stupid (incorrect) TCP state tracking.
Based on what I understand about the problem you describe:
You get no internet connection if you use DoH via Control D.
If you use DoT via Private DNS, you can connect but have issues with the connection.
I was recommending Rethink DNS to set up Control D DoH and, possibly, DoT to see whether it will solve your problem.
If it doesn’t solve the problem, the issue is more related to the network. I saw o2pb’s comments, and it confirms the issue is with your internet provider.
In summary:
Use Rethink DNS with Control D’s DoH setup and see if it solves the problem.
You can have the best of both worlds by using your ControlD IPs with the WireGuard VPN client app and port 443 (o2pb doesn’t like it but it works fine), thereby retaining your ControlD features. Or, as others have recommended, use RethinkDNS in the same manner. Both options use almost zero battery on my Galaxy Tablet. I’m assuming you want to reserve the VPN slot for your actual VPN and prefer Private DNS for battery life.
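The replies above disagree on whether port 853 is blocked outright or whether connections establish and then fail to carry data. The probe below is an added example, not code from any poster or from Control D; it reports which stage of a DoT exchange fails first: TCP connect, TLS handshake, or the length-prefixed DNS query. The hostname `dot.example.net` is a placeholder for your own Private DNS provider hostname, and `TXID` and the function names are constructed for this example.

```python
import socket, ssl, struct

TXID = 0x1234  # constructed transaction id for the probe query

def build_dot_query(name, qtype=1):
    """DNS query for `name`, framed for DoT (RFC 7858: 2-byte length prefix)."""
    header = struct.pack("!HHHHHH", TXID, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    msg = header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # qclass IN
    return struct.pack("!H", len(msg)) + msg

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before full response")
        buf += chunk
    return buf

def classify_response(resp):
    if len(resp) < 12:
        return ("dns", "short response")
    rid, flags = struct.unpack("!HH", resp[:4])
    if rid != TXID or not flags & 0x8000:  # wrong id or QR bit not set
        return ("dns", "not a reply to our query")
    return ("ok", "rcode=%d" % (flags & 0xF))

def probe_dot(host, port=853, name="example.com", timeout=5.0):
    """Return (stage, detail): the first stage that failed, or 'ok'."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as e:  # refused, filtered, unreachable, timed out
        return ("tcp", repr(e))
    try:
        tls = ssl.create_default_context().wrap_socket(raw, server_hostname=host)
    except OSError as e:  # ssl.SSLError is an OSError: reset, bad cert, stall
        raw.close()
        return ("tls", repr(e))
    with tls:
        try:  # TCP and TLS are up; does data flow both ways?
            tls.sendall(build_dot_query(name))
            (length,) = struct.unpack("!H", recv_exact(tls, 2))
            return classify_response(recv_exact(tls, length))
        except OSError as e:
            return ("dns", repr(e))

if __name__ == "__main__":
    print(probe_dot("dot.example.net"))  # placeholder: your resolver's DoT hostname
```

Run it once on Wi-Fi and once on mobile data and compare the stage reported. It opens an ordinary TCP connection without TCP Fast Open, so it does not reproduce that variable.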