That's the block method of choice for UK ISPs subject to High Court injunctions (i.e. site blocking). A VPN or proxy is your friend. Before Mozilla **** the bed and disabled ESNI (before ECH was even close to ready), you could just enable encrypted DNS and encrypt the SNI in Firefox and the blocks would be bypassed with no need for a VPN. Now, no such luck. The sooner ECH is sorted the better, as until then you can encrypt your DNS all you like, but SNI will give you away anyway (unless you have a VPN).
HTTPS DNS - Cloudflare vs NextDNS?
- Thread starter Ice Tea
- Start date
FYI it might have got better but the blocking on Cloudflare wasn't very good compared to other solutions including Quad9
I thought I'd give Quad9 a go. 
I realised that my ZenWiFi XT 12 has the options in the Router for Quad9 for WAN DNS. So I've chosen that. I've also set opportunistic DoT and set that to use Quad9. My DHCP DNS is left to default which means it uses the ZenWiFi XT 12 for processing the requests. Yet when I go to the Quad9 test page it says I'm not using Quad9. Is this just a mistake because I haven't set it on the PC level, but instead set it at the Router level?
EDIT: After doing a dns leak test it looks like this is working fine. The servers reported back are WoodyNet, Inc. which are used by Quad9. So it is just the test page from Quad9 which is reporting incorrectly.
I realised that my ZenWiFi XT 12 has the options in the Router for Quad9 for WAN DNS. So I've chosen that. I've also set opportunistic DoT and set that to use Quad9. My DHCP DNS is left to default which means it uses the ZenWiFi XT 12 for processing the requests. Yet when I go to the Quad9 test page it says I'm not using Quad9. Is this just a mistake because I haven't set it on the PC level, but instead set it at the Router level?
EDIT: After doing a dns leak test it looks like this is working fine. The servers reported back are WoodyNet, Inc. which are used by Quad9. So it is just the test page from Quad9 which is reporting incorrectly.
AdGuard DNS:
94.140.14.14
94.140.15.15
2a10:50c0::ad1:ff
2a10:50c0::ad2:ff
DoH: https://dns.adguard-dns.com/dns-query
DoT: dns.adguard-dns.com
DoQ: quic://dns.adguard-dns.com
DNSCrypt: sdns://AQMAAAAAAAAAETk0LjE0MC4xNC4xNDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20
I had lots of buffering issues (nowtv, bt sport etc) with cloud flare via virgin media. A guy on cable forums did some good diagnosis and I believe at the time it was due to cloud flare not supporting ecs. Wonder if that has changed.
Are you still using AdGuard rainmaker?
Are you still using AdGuard rainmaker?
Cloudflare won't support ECS as it's a privacy concern, Google and Quad9 using their specific ECS service 9.9.9.11 are the ones I know of that currently support it off top of my head.
I thought I'd give Quad9 a go.
I realised that my ZenWiFi XT 12 has the options in the Router for Quad9 for WAN DNS. So I've chosen that. I've also set opportunistic DoT and set that to use Quad9. My DHCP DNS is left to default which means it uses the ZenWiFi XT 12 for processing the requests. Yet when I go to the Quad9 test page it says I'm not using Quad9. Is this just a mistake because I haven't set it on the PC level, but instead set it at the Router level?
EDIT: After doing a dns leak test it looks like this is working fine. The servers reported back are WoodyNet, Inc. which are used by Quad9. So it is just the test page from Quad9 which is reporting incorrectly.
While old post... I've been using Quad9 for a while now as well. I also see WoodyNet being reported under Sky.
I run my own DNS servers, but I also have subscriptions to NextDNS and AdGuard Private DNS. You can get EDNS Client Subnet (ECS) support with a privacy overlay from either NextDNS or AdGuard Private DNS (i.e. their paid service), but the former is slightly more reliable at the moment in my experience. If you run an AdGuard Home instance, you can also enable ECS in that.
That said, I've never in donkey's years had any issue using other DNS (Cloudflare, Quad9, AdGuard, my own) with VM or anyone else. Netflix shouldn't be affected at all - you might not get the feed direct from VM but it shouldn't struggle. That's sounding much more like a VM issue than a DNS one.