Cannot access Private DNS on Android


Since last evening, the Private DNS configuration on my Pixel 6 phone is not working anymore when I'm connected to my home Wi-Fi, and I've spent all night trying to troubleshoot the problem with no success.

The Wi-Fi network is behind an OPNsense firewall with Unbound as DNS.

The Unbound DoT configuration is:

  tls-cert-bundle: /etc/ssl/cert.pem
  name: "."
  forward-tls-upstream: yes

(I don't use IPv6.)

DNSSEC is disabled in Unbound.

Every other device in my home network works with this configuration, and I see on test.nextdns.io that it's using NextDNS, including another Pixel phone.

I have tried to reset the network config and reboot the phone multiple times, but nothing.

I have tried to enable and disable CNAME flattening, but nothing.

If I disable Private DNS and connect to my Wi-Fi, everything works fine, and browsing test.nextdns.io I see that I'm using DoT.

If I use the NextDNS app, connecting to my Wi-Fi and disabling Private DNS, everything works fine.

If I replace NextDNS with cloud9 or Cloudflare as Private DNS, I have no issues!!

Any way to fix this?

  • I received a brand new Pixel 6a yesterday and have it set up, but in a similar situation only the 6a consistently fails to communicate via Private DNS from the start.
    It communicates when Private DNS is set to automatic or off.
    The Pixel series has 3a and 4a, but there is no problem with either.
    There is pfSense upstream, and NextDNS is set with Unbound. IPv6 is not passing.
