WhatsApp vs DNS blocking

Rethink has never blocked any WhatsApp trackers in my phone. Ever.
Rethink also tells me WhatsApp’s most contacted IP is That’s right, Google’s DNS. WhatsApp is obviously circumventing DNS blocking, so let this be a warning to all. When I blocked, WA started querying

Some observations and questions:

  • mine is the website apk version of WhatsApp (the Play Store version requires Google Play Services and will lock your account otherwise). So it may behave differently.

  • @ignoramous is Rethink able to intercept DNS requests? I see “block when DNS is bypassed”, but I’d rather intercept instead of blocking. Also, does it apply for port 53 only or DoH & DoT also?

  • same goes for Android’s “private DNS”: I figure it doesn’t intercept DNS requests, but can someone knowledgeable confirm this?

  • anyone using NextDNS or similar via the “private DNS” can confirm if WA trackers have been blocked or not? And what WA version are you using?

By tracker do you mean dit.whatsapp.net or some other site?

Yes. Turn ON Prevent DNS leaks in Configure → DNS (scroll to the bottom).

Android’s Private DNS doesn’t “intercept” traffic on port 53, no.

Turning Block when DNS is bypassed ON (from Configure → Firewall → Universal firewall rules) will block requests from apps hard-coding IPs (like Instagram) or apps using their own DNS (regardless of Prevent DNS leaks), like Telegram w/ DNS-over-HTTPS.

The Block when DNS is bypassed setting may also break a few genuine use-cases where apps may hardcode IPs (like NTP for time sync) or use DNS-over-HTTPS (for TLS v3 Encrypted Client Hello). You’ll have to Bypass Universal or Bypass DNS and Firewall such apps.
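Added example, not part of the thread and not Rethink's code: a sketch of the check the last reply describes, labelling a connection as a bypass when its destination IP never came back from the user's resolver. The verdict names, the `exempt_apps` list standing in for the bypass settings, and all sample data are assumptions.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "app dst_ip dst_port")

# Constructed sample data; addresses are from the RFC 5737 documentation ranges.
RESOLVER = "192.0.2.53"                             # resolver the user configured
ANSWERS = [("chat.example.net", "198.51.100.10")]   # (name, ip) pairs it returned
FLOWS = [
    Flow("messenger", "198.51.100.10", 443),  # IP came from a DNS answer
    Flow("messenger", "203.0.113.8", 53),     # plain DNS sent to another resolver
    Flow("messenger", "203.0.113.8", 443),    # hard-coded IP (could be DoH)
    Flow("timesync", "203.0.113.123", 123),   # hard-coded NTP server
]
DNS_PORTS = {53, 853}                         # plain DNS and DNS-over-TLS


def classify(flow, answered_ips, resolver=RESOLVER, exempt_apps=()):
    """Return 'exempt', 'resolved', 'own-dns' or 'bypass' for one flow."""
    if flow.app in exempt_apps:
        return "exempt"        # user chose to let this app through
    if flow.dst_ip == resolver:
        return "resolved"      # traffic to the configured resolver itself
    if flow.dst_port in DNS_PORTS:
        return "own-dns"       # app is talking to a resolver of its own
    if flow.dst_ip in answered_ips:
        return "resolved"      # destination was looked up through user DNS
    # DoH on port 443 and a hard-coded IP look the same here: in both cases
    # the destination was never returned by the user's resolver.
    return "bypass"


def audit(flows, answers, exempt_apps=()):
    """Classify every flow; returns a list of (flow, verdict) pairs."""
    answered_ips = {ip for _name, ip in answers}
    return [(f, classify(f, answered_ips, exempt_apps=exempt_apps))
            for f in flows]


if __name__ == "__main__":
    for flow, verdict in audit(FLOWS, ANSWERS, exempt_apps={"timesync"}):
        print(f"{verdict:9} {flow.app:10} {flow.dst_ip}:{flow.dst_port}")
```

Without the exemption the NTP flow is labelled `bypass` too, which is the breakage the reply warns about.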

