Hi, I have tried to forward DNS over TLS by using CZ.NIC but it could not resolved any DNS query, but when I switch into Cloudflare everything works. Is CZ.NIC DNS over TLS not yet ready?
Edit: I have restarted: /etc/init.d/resolver service manually, still same.
Its not a problem at all, I was just wondering, you know … As CZ.NIC server should be more close to me, I’m from Czech (ahoj), so it should be quicker I guess (in the future)?
It is weird. I can reproduce it from my “personal” ISP (StarNet) over IPv4 – TCP SYN packets go without any reply, but with IPv6 all works and TCPv4 on different ports than 853 also works
Oops – I forgot to update this thread. Indeed the old addresses of cz.nic resolvers aren’t reachable on port 853 from some networks. In April we announced new implementation on different addresses (for other reasons; CZ blog post) and the Turris option in Foris had been switched to those (since 3.11.5, I believe). These new addresses have never been found to experience such problems.