Still having problems with Blokada's aggressive encrypted DNS attempts

I’ve reported before about problems with Blokada’s aggressive attempts to force encrypted DNS on my local wi-fi network.

This is on Android 10, current version of Blokada installed from the in-app upgrade. In Networks, Blokada has Cloudflare DNS and Prefer Local Network DNS checked for wi-fi networks.

Local gateway already proxies all DNS requests to encrypted Cloudflare on 853. DHCP instructs all devices to use port 53 at the gateway for DNS. Gateway blocks any attempt to bypass it and contact external DNS servers directly.

When the phone is first started, Blokada correctly connects to the gateway for DNS. But eventually it stops working and I have to either reboot or switch to mobile data to continue. Restarting Blokada does not help.

I believe this is because Blokada forces you to select a DNS server from its list and only allows you to “prefer” local network DNS (rather than always using it). I think Blokada is permanently switching to the selected DNS from its list as soon as it encounters a slow or failed DNS lookup through the local network DNS, requiring a reboot to restore its DNS connection to the gateway.

Literally no other device on the network has this issue; they all correctly follow the DNS specified by DHCP.

There should be an option to turn off encrypted DNS settings completely for a specific Wi-Fi network, or failing that, for all Wi-Fi networks.

This is coming in 5.16 stable next Friday.

I have this same issue with 5.16. Is this the problem that “Ping networks” is intended to address?
