I'm trying to get DoH working on IPv6 on Windows 11 and verify that it's working. The setup page doesn't seem to have specific instructions for this, so I'm kind of improvising.
DoH is definitely working on IPv4, and my devices are identified in the log by adding a name at the end of the DoH template url. https://dns.nextdns.io/profileid/devicename
I turned on DoH for IPv6 in Windows and used the same template url. Windows seems to think that DNS on IPv6 is now encrypted. But in the NextDNS log, I'm still getting enteries with no padlock icon and no device name, just an IPv6 address. So it seems like maybe it's not working?
Not really sure what I'm missing here... Any tips?
Or if DoH isn't properly supported on IPv6, would it be advisable to disable IPv6 for now?
The problem is very likely on the Windows side. With dnslookup I tried sending DoH request explicitly to my NextDNS profile IPv6 address, and I see the custom identifier I included and the padlock icon. Make sure that Fallback to plaintext is disabled. In my W11 install, the config is pointed to my personal server, but it won't respond to unencrypted requests, so the DoH request goes through.
use the windows app, and everything is configured for you :-)
I'm seeing the same behavior on my son's Win 11 machine—IPv4 shows up as encrypted in the logs, but the IPv6 does not (both show as encrypted in the settings and IPv6 is using the same DoH template URL as IPv4).
I have tried the Windows app, which works correctly. However, a standard user account can disable the app, so the app doesn't solve this issue.
Ahhhh… I checked logs from my phone on a lark and there I see them reporting the Win 11 laptop as encrypted when using IPv6 and they show the laptop’s name.
This may simply be an oversight in the desktop browser view of the logs. I’m hoping that’s the case. (That doesn’t explain why the app configuration shows IPv6 logs correctly, though. Unless the app reports differently?)
- 2 mths agoLast active