Sponsored Links

Cloudflare 1.1.1.1 blocked on Three

Block confirmed. Works fine on EE btw.

For those interested, using the DNS server @ 1.1.1.1 works just fine.
 
Sponsored Links
For those interested, using the DNS server @ 1.1.1.1 works just fine.
Seems to be intermittent, I was investigating why my router is throwing weird DNS errors. Some traffic is being blocked to 1.1.1.1 while others aren't!!

http or Port 80 is being blocked, but SSL Port 443 is being blocked intermittently! Some connections are allowed, while some are being blocked.

My Mikrotik router is randomly reporting - DoH server connection error: Network is unreachable
 
You could just run Pi-hole and Unbound, hosting your own local recursive DNS server on a raspberry pi or something.

My MikroTik router does have it's own DNS server and cache, but makes new requests from Cloudflare 1.1.1.1 via DoH. Three's own DNS are so slow, and I read that Cloudflare host the "fastest" replies. It seems to be falling back on 1.0.0.1 which is why I didn't notice any issues with DNS lookup's but lots of blocked access to 1.1.1.1 in the logs.
 
Again another case of Three intercepting and interfering with traffic over their network!

Code:
$ telnet 1.1.1.1 80
Trying 1.1.1.1...
Connected to 1.1.1.1.
Escape character is '^]'.
GET / HTTP/1.1
Host:1.1.1.1

HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
Location: http://www.three.co.uk/static/html/iwf/block.html
Content-Length: 152

<html>
<head><title>307 Temporary Redirect</title></head>
<body bgcolor="white">
<center><h1>307 Temporary Redirect</h1></center>
</body>
</html>
Connection closed by foreign host.

Over a VPN, it basically redirects you to https

Code:
$ telnet 1.1.1.1 80
Trying 1.1.1.1...
Connected to 1.1.1.1.
Escape character is '^]'.
GET / HTTP/1.1
Host:1.1.1.1

]HTTP/1.1 301 Moved Permanently
Server: cloudflare
Date: Tue, 17 May 2022 16:46:19 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://1.1.1.1/
CF-RAY: 70cdd3f24fb40c25-AMS

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cloudflare</center>
</body>
</html>
 
Sponsored Links
My MikroTik router does have it's own DNS server and cache, but makes new requests from Cloudflare 1.1.1.1 via DoH. Three's own DNS are so slow, and I read that Cloudflare host the "fastest" replies. It seems to be falling back on 1.0.0.1 which is why I didn't notice any issues with DNS lookup's but lots of blocked access to 1.1.1.1 in the logs.
Yes but your Mikrotik doesn't ask the root servers, it relies on another DNS provider for the answer.


Unbound has replaced Bind as the preferred DNS solution. Imagine instead of having to speak another DNS server, you have your own DNS that only speaks to the authority domain host for the answer.

You're removing the middle man, removing man in the middle attacks.

Attached is what my pinhole running unbound on port 5335 looks like, it would be great to run this as a container on my Mikrotik, but until then, this is the easiest solution I have.
 

Attachments

  • Screenshot_20220517-190145.png
    Screenshot_20220517-190145.png
    173.8 KB · Views: 83
It still does not address the key issue here, Three are actively intercepting and interfering with my traffic!!! Cloudflare and 1.1.1.1 are trusted globally, so why are Three interfering with my traffic replacing the actual reply with a page accusing me of committing a crime!!
 
Sponsored Links
Didn’t you just move to smarty?

Edit: you moved a number to smarty you wanted to keep, knowing how terrible the network is(in your opinion)

 
Didn’t you just move to smarty?

Edit: you moved a number to smarty you wanted to keep, knowing how terrible the network is(in your opinion)

I am with Three because of their Band 20 and it's ability to reach into rural areas. My "internet" is on a 24 month contract with Three and I have invested heavily in a directional antenna/modem/router, Uninterruptible Power Supply(UPS) along with long runs of expensive outdoor cabling! When I first signed up I was getting at least 20Mbps downloads, max was 47Mbps, which I was very happy about. However since the 19th January 2022 the speed dropped like a stone and I only get between about 2-6Mbps, with 30Mbps uploads!

Smarty is rolling month by month. There are no alternatives for me due to location. I have been testing other SIM's but they are even worse than Three (speed and signal wise)

I am on Smarty for about 10 months now! Plus Three own Smarty. Three have only started this non-sense blocking stuff recently, from end Feb for RT and this past couple of weeks for blocking access to 1.1.1.1
 
works just fine for me, dk what's wrong with it then
Screenshot_20220517-201039_Edge.jpg
 
It seems to be fixed now. Somehow 1.1.1.1 got on the IWF URL blocklist and three were first to update the list resulting in them partially blocking HTTP access to 1.1.1.1
 
Sponsored Links
Unfortunately, can't confirm that as my log still has intermittent "DoH server connection error". But I've been having connection issues, so probably down to that to be honest.

When did you notice the "fix"?
 
It seems to be fixed now. Somehow 1.1.1.1 got on the IWF URL blocklist and three were first to update the list resulting in them partially blocking HTTP access to 1.1.1.1
yeah, it only happened for a little while for me, and 7pm time last night the service was largely online again
 
I am with Three because of their Band 20 and it's ability to reach into rural areas. My "internet" is on a 24 month contract with Three and I have invested heavily in a directional antenna/modem/router, Uninterruptible Power Supply(UPS) along with long runs of expensive outdoor cabling! When I first signed up I was getting at least 20Mbps downloads, max was 47Mbps, which I was very happy about. However since the 19th January 2022 the speed dropped like a stone and I only get between about 2-6Mbps, with 30Mbps uploads!

Smarty is rolling month by month. There are no alternatives for me due to location. I have been testing other SIM's but they are even worse than Three (speed and signal wise)

I am on Smarty for about 10 months now! Plus Three own Smarty. Three have only started this non-sense blocking stuff recently, from end Feb for RT and this past couple of weeks for blocking access to 1.1.1.1
When a mobile internet connection shows faster upload figures than download figures this is usually an indication of mast congestion - too many other local users sharing the same cell mast at the same time.
 
When a mobile internet connection shows faster upload figures than download figures this is usually an indication of mast congestion - too many other local users sharing the same cell mast at the same time.
I know this, most normal people can understand this (if I can visually "see" an object, then it can equally "see" me back!) but Three Technical Support will blame everything under the sun but the problem that is staring them in the face.

I have sent my signal figures to them and explained the dish is fixed, pointing directly at the mast and mounted on a mast (ie nothing has changed on my end) The signal RSSI is constant @ -62dB, but the noise is sky high (RSRQ is currently -19.5dB with CQI of 3) on LTE Band 3

Given that I only tend to run Speedtests when I think my connection is "slow" or doing "tests" (ie VPN speeds, tunnels etc), the following is a historical chart of my speeds on Three.

Screenshot 2022-05-20 at 00-12-05 Results Speedtest by Ookla.png


The drop to sub 10 speeds happened between the 19th and 21st of January 2022 and hasn't recovered since. I am pretty convinced Three did something around that time, but after 5 months of beating my head off the brick wall that is Three's Technical support and CEO Complaints Team, I'm going nowhere fast!

I have been through 3 CEO contacts so far. One of them apparently left and didn't even have the manners to tell me, I found out via automated reply! My current CEO contact was away on leave for a few days and promised to reply to me today when returning to office, surprise surprise no email. I have lost count of the number of broken promises, the lies and the contradictory information they given.

When it works, it's brilliant. When it doesn't, it's an absolute nightmare.
 
Last edited by a moderator:
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £24.00
132Mbps
Gift: None
Shell Energy UK ISP Logo
Shell Energy £26.99
109Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £15.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £21.00
150Mbps
Gift: £25 Love2Shop Card
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (5467)
  2. BT (3505)
  3. Politics (2523)
  4. Openreach (2290)
  5. Business (2251)
  6. Building Digital UK (2233)
  7. FTTC (2041)
  8. Mobile Broadband (1961)
  9. Statistics (1778)
  10. 4G (1654)
  11. Virgin Media (1607)
  12. Ofcom Regulation (1451)
  13. Fibre Optic (1392)
  14. Wireless Internet (1386)
  15. FTTH (1381)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules