Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OpenSource Ghost

macrumors newbie
Original poster
Mar 5, 2022
12
0
I am seeing some strange traffic when I use official signed AdGuard DNS MobileConfig profile - https://cdn.adtidy.org/public/dns/adguard-dns.mobileconfig . The profile itself specifies DNS-over-HTTPS, not DNS-over-TLS, but when using that profile, I see Apple TV:
1. Sending only 0-length packets to AdGuard DNS address over TCP port 853 (DNS-over-TLS)
2. Sending non-0-length packets to AdGuard DNS address over TCP port 443 (DNS-over-HTTPS)

I assume that 0-length packets over TCP port 853 indicate that DNS-over-TLS is actually not active because 0-length packets do not carry any payload and as such cannot contain any domain queries.

Can someone wth AdGuard DNS-over-HTTPS profile and/or NextDNS DNS-over-HTTPS profile see if either profile makes Apple TV send 0-length packets over TCP port 853 (DNS-over-TLS)?
 

satcomer

Suspended
Feb 19, 2008
9,115
1,973
The Finger Lakes Region
It AdGaurd working! It's sending pings to see if port is open and awake! As network tech I've seen my share of network adgaurds, ee went many different vendors! Of course we doing it at the router levels and saw traffic like this almost every day1
 

OpenSource Ghost

macrumors newbie
Original poster
Mar 5, 2022
12
0
That is my guess, but it makes no sense for DoH-only profile to ping DoT port. I have to know for sure because I manage a large dirty network and wired Ethernet connections have to be physically inspected in narrow tunnels in walls...
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.