I’ve been looking this up for days, and at a complete dead end now. Everything I find basically comes down to remove the dns address, turn it off, or change the address to 1.1.1.1. None of this works.

You can see in the picture that it’s turned off, and there are no saved addresses to remove. It won’t even save an address if I enter one. I can’t find anything else on my phone that references dns or network settings. I’m only using cell data, not connected to any wifi. Changing the setting to automatic doesn’t do allow me to visit sites either. Changing a setting and power cycling the phone doesn’t change anything.

I’ve spoken with my carrier, there are no parental blocks on my account. I’m the only person on the account. No one else has access.

When I go to a site my browser tells me the site is not secure, mentions opendns, and gives me the option to continue anyways. Doing so only routes back to the same not secure message. I can’t go any further.

I have no idea how this got on my phone, but it’s been on it for a couple months now. I’m sure I’m forgetting some info, but I’ve listed the main things. Any help would be appreciated, this is just stupid at this point.

If there’s a better /c/ to ask about this in let me know. Thanks everyone!

EDIT: Lem453 got me back online with thier suggestion. Select the bottom option “private DNS hostname” and enter either one.one.one.one or DNS.google.com.

Lots of good info provided by people too in the comments. As much as this has been frustrating for me on a daily basis it’s also given me new knowledge on how my phone works, so that’s pretty cool.

  • redcalcium@lemmy.institute
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Here is a thing about OpenDNS you might not know. It actually has parental control feature that let you filter various domains based on category. They implemented by allowing you to enter your current IP address, and then all DNS requests from that IP address will run through the selected filter: https://signup.opendns.com/homefree/

    One more thing. Mobile carrier often use CGNAT, which will put a bunch of customer behind the same set of public IP address. When you’re behind a CGNAT, your request will appear to come from the same IP address like other customers of the same mobile carrier in that area.

    What happened to you is someone in the same CGNAT enabled parental control on OpenDNS and registered the CGNAT’s public IP address as their own. This result in everyone in the same network to have their DNS requests filtered according to that user’s parental control settings.

    You might need to wait until you got rotated into a new public IP address, or use a VPN. The real question is why your carrier use opendns in the first place.

    • MangoPenguin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      and then all DNS requests from that IP address will run through the selected filter

      Only if those clients are specifically using OpenDNS as their DNS server.

    • WarmSoda@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Very interesting. It does have categories blocked, it’s blocking r rated movies and anything violent too. That’s crazy someone can screw up a whole ip address like that, if that is what happened.

      Thank you for the insights

  • Lem453@lemmy.ca
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Select the bottom option “private DNS hostname” and enter either one.one.one.one or DNS.google.com

    Yes, you have those enter a hostname not an IP. Not sure why but it works for me on my android phone.

    • WarmSoda@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Yup that works, thank you! I’ve seen one.one.one.one suggested before and thought they were saying 1.1.1.1 how people will type Google(dot)com lol never occurred to me they meant to actually type in the words. DNS.google.com works too.

      Huge thanks my friend!

      • DeltaTangoLima@reddrefuge.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        This works because private DNS (in Android speak) is actually DNS over TLS.

        TLS is the secure communication method that also protects you when you visit https sites.

        DNS over TLS means your DNS traffic (queries and answers for internet server names) are sent and received between you and the DNS server using encryption.

        This provides a measure of privacy as it means network operators along the way (eg. your ISP) can’t see the DNS queries you’re making.

        Using Cloudflare’s server (one.one.one.one) is arguably more private than Google, as Cloudflare doesn’t make money from your data like Google does.

    • Amju Wolf@pawb.social
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Yes, you have those enter a hostname not an IP. Not sure why

      Because it’s DNS-over-HTTPS (DoH), so it wants a URI, not an IP.

  • elmicha@feddit.de
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Can you post an example of such a blocked site? And in which country are you?

    • WarmSoda@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      In the US. There’s a test example in another reply. Sorry, lemmy is goofing on me and not letting me upload it again for this comment.

  • monotremata@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    There are two basic ways I can think of that you could still end up using OpenDNS without setting it as your DNS server in the private DNS settings. The first is simply if it’s the default DNS that your ISP (in this case the phone company, since you mention you’re not on WiFi) supplies. If you don’t set a DNS server, then your system will obtain one at the same time it obtains an IP address via DHCP during the initial handshake with the ISP, because it needs to use something to translate website names into IP addresses. So if the ISP is configured to suggest OpenDNS, that’ll still be what you’ll use. You can override this by manually setting another DNS server. Note though that many DNS services (including a Google, if I recall correctly) use OpenDNS as a fallback setting, so if the main DNS site is down for some reason, you might still get OpenDNS results.

    The other possibility is if have a VPN enabled, like Adguard or DNS66. These often affect DNS resolution as part of an effort to block ads. Again, manually setting a DNS, or disabling the VPN, should override this.

    One last note is that there’s a setting in Chrome that lets it bypass your DNS settings and use Google’s own DNS for that app, so if you’re using Chrome and Google’s DNS server is down or doesn’t have an entry for a particular site, that could still lead to OpenDNS being used for resolution. I haven’t really found turning off that setting to work in getting Chrome to use my configured DNS, which is part of why I now use Firefox on Android, but in theory it should be possible to fix with “settings->privacy and security->secure DNS->use current provider,” or with a custom configuration in the same setting, in Chrome, or by turning off secure DNS in the same spot.

    Note that all these settings do have privacy implications, so it might be worth reading about those before mucking with any of them!

    • WarmSoda@lemm.eeOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Good info, thank you. The consensus seems to be it’s either the carrier or between me and the carrier. It makes me wonder if an update happened and it put me on the current IP address that just happens to have these settings on it.

      So right now I’m using the one.one.one.one dns setting and it’s working fine. But I’ll look up more info on it so I know exactly what it does and how it affects my privacy and everything.

      I’m loving all the new info everyone is providing, you guys all rock.

  • BlackEco@lemmy.blackeco.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I think none of this has to do with Private DNS (which is what you found on the internet refers to).

    Does the issue only happen on LTE or at home? My guess is that your DNS configuration on your home router or from you cellphone provider have been modified to use OpenDNS’s (or any other DNS that cause an issue)

    Also, could you provide a screenshot of your browser telling you the website isn’t secure?

    • WarmSoda@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I’m not connected to Wi-Fi. It’s not getting any data from any routers.

      • deong@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        There’s always a router, and there’s always a DNS server. Normally, your device is asking to join a network, and something on that network assigns it an IP address, a DNS server, and a gateway router to use. That’s true whether you’re connecting to WiFi or a cellular network. The difference is just which device is assigning you those things. You can also override that on your side by specifying a static configuration that can break things, but I don’t think that’s your problem.

        “Private DNS Mode” here is only referring to whether or not you want to encrypt the DNS lookup traffic. That’s certainly not a bad idea, but it’s a separate issue from whether or not you have a working DNS setup at all. From the screenshot below, it looks like you do have a working DNS configuration. To connect to a server, you type the server’s name (e.g., mobile.pornhub.com), your browser sends a DNS request to your DNS server asking it to return the IP address of that server, and then it uses that IP address to ask the server to send it a web page. You’re getting to the part where you’ve asked the server to send you a web page, but the server is refusing because your browser didn’t make the request over HTTPS (i.e., using encryption).

        I don’t know why that is, but I’d try the steps outlined here.

      • BlackEco@lemmy.blackeco.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I’m not sure to understand: you can’t connect to WiFi? I would just like to know if this issue only happens on cellular in order to narrow down the causes.

    • WarmSoda@lemm.eeOP
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      I’ll give those a try. Why would I need a new app though? I want the phone to just act normal like it used to.

      Edit: NextDNS works, thank you.
      It seems like a decent workaround for now.

  • qwerty@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Try a different browser or check dns settings in your browser, I don’t use firefox so I don’t know if it has that setting. You can also use a vpn, it should override your dns settings. Proton vpn is free for the basic tier.