I’ve been using the Surf SOHO MK3 (F/W 8.3.0) setup to use a proxy DNS server for my home network. As such, I’ve chosen to use Quad9’s DNS over HTTPS service and for the past several years, it’s worked flawlessly. Quad9 is preferred over the various other DOH service providers mainly for their strict privacy policy.
On Dec 15th, Quad9 retired the use of HTTP/1.1 in favor of using the newer HTTP/2 transport protocol for all their DOH services …
In essence, as of Dec 15th, the Quad9 DOH option no longer works (e.g., no internet DNS capability whatsoever) via my Surf SOHO DNS proxy while all other DOH service provider options remain unaffected.
I should also note that their HTTP/1.1 retirement didn’t have any adverse effects during my subsequent testing of Firefox browser’s exclusive use of Quad9’s DOH service. In fact, Firefox is still working perfectly today while the Surf SOHO Quad9 DOH proxy doesn’t.
As I don’t expect Peplink to issue a F/W update for this issue for the now retired (obsolete) Surf SOHO MK3, does anyone know or can verify whether or not the B-One series (or other products) are also affected by Quad9’s retirement of DOH HTTP/1.1?
If so, does anyone have any insight as to whether or not Peplink has or will be addressing this issue concerning Quad9’s decision to retire DOH HTTP/1.1?
So I have the new MAX-BR2-PRO with firmware version 8.5.3, and I can only use Quad9 DNS servers for my WAN connections. I can confirm that enabling DNS over HTTPS via the drop-down menu or using the custom URL option for Quad9 will cause DNS to fail. I thought I was going crazy for a while, so I checked the support forums.
So per your response, that Quad9 has sunset DOH HTTP/1.1 is the likely culprit for Peplink routers.
My backup plan for now is to use adguard-dns.io for DOH.
Edit: I have submitted a support ticket for this issue.
I switched to Cloudflare when I encountered this issue and found DNS was no longer working when pointing at Quad9. Hopefully this is fixed sooner rather than later. I much rather prefer Quad9’s stance on privacy…
I can confirm that the B-One series is also affected by Quad9’s retirement of DOH HTTP/1.1. I was using this up until the 14th of last month when it just stopped working.
I also tried using Mullvad DOH service but that also doesn’t seem to work. So now I’m using Cloudflare as well. I’m glad to hear however that this is being worked on.
+1 to @sitloongs for firmware roadmap comment… perhaps in short-term the Quad9 preset should be removed, since it’s known to fail and is causing customer issues. Thanks!
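A way to check from any machine whether a DoH resolver still answers over HTTP/1.1 or only negotiates HTTP/2, which is the failure the thread attributes to the router's DoH client. This is an added example, not code from any poster, Peplink or Quad9; the hostnames `dns.quad9.net` and `cloudflare-dns.com` and the `/dns-query` path are assumptions not taken from the thread.

```python
import base64, http.client, socket, ssl, struct

def build_query(name, qtype=1):
    # DNS wire-format query (RFC 1035); ID 0 as RFC 8484 recommends, RD=1.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def doh_get_path(name, path="/dns-query"):
    # RFC 8484 GET form: base64url of the query with padding stripped.
    b64 = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    return f"{path}?dns={b64}"

def h2_offered(host, timeout=5):
    # Offer only "h2" in ALPN and see whether the server selects it.
    ctx = ssl.create_default_context()
    ctx.set_alpn_protocols(["h2"])
    try:
        with socket.create_connection((host, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.selected_alpn_protocol() == "h2"
    except OSError:  # includes ssl.SSLError
        return False

def http11_answers(host, name="example.com", timeout=5):
    # http.client speaks HTTP/1.1 only, like a client without HTTP/2 support.
    conn = http.client.HTTPSConnection(host, timeout=timeout)
    try:
        conn.request("GET", doh_get_path(name), headers={"Accept": "application/dns-message"})
        resp = conn.getresponse()
        resp.read()
        ctype = resp.getheader("Content-Type", "")
        return resp.status == 200 and ctype.startswith("application/dns-message")
    except (OSError, http.client.HTTPException):
        return False
    finally:
        conn.close()

def classify(h1_ok, h2_ok):
    if h1_ok:
        return "usable by HTTP/1.1-only DoH clients"
    if h2_ok:
        return "HTTP/2 only: HTTP/1.1-only DoH clients will fail"
    return "unreachable or not a DoH endpoint"

if __name__ == "__main__":
    for host in ("dns.quad9.net", "cloudflare-dns.com"):  # assumed hostnames
        print(host, "->", classify(http11_answers(host), h2_offered(host)))
```

A resolver reported as "HTTP/2 only" here would fail for any DoH client that cannot speak HTTP/2, while still working in Firefox.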