DoH and DoT
A&A run DNS over HTTPS (DoT) and DNS over TLS (DoT) resolves. There is information here: https://aa.net.uk/dns which includes information on privacy and the terms and conditions.
As of September 2019, this is considered a 'trial' service, but is expected to continue and be an 'official' service for customers.
|Line type||Auto||Usually set this to automatic as it allows ADSL or ADSL2+ (depending on modem and line type).|
|Mode||Routed||This means that IP traffic is routed, and is the normal mode unless setting up a PPPoE bridge to another device.|
|PPP mode||PPPoA||When routing IP you want your router to connect using PPPoA mode. PPPoE (see below) is more commonly used when bridging to a separate PPPoE device such as a FireBrick|
|VPI/VCI||0/38||This is often the default on most broadband routers|
|Mux||VC-Mux||This is often the default on most broadband routers|
|Login||As advised||We allocate a login for one or more lines. This is of the form of a name followed by @, a realm, a dot then a single digit number. (e.g. email@example.com). The final number is the line number (e.g. 1, 2, etc.) for where customers have multiple lines sharing IP addresses.|
|Password||As advised||We allocate a password, but you can change this on the Broadband Control Pages. If you change the password on our system your lines will go off line until you change the password on the router as well. If your router cannot handle the length of password we provide, please contact support who will be happy to set a shorter password.|
|WAN IP (local)||0.0.0.0||Whilst we allocate a fixed IP address for your service, including the WAN address, it is best not to set this as it is allocated automatically using PPP. If you configure this incorrectly you will normally find you cannot log in at all.|
|WAN IP (remote)||0.0.0.0||The IP address for our end of the PPP link should not be configured. This is allocated by PPP automatically. This will change depending on equipment at our end and may even change on every connection in the future.|
|LAN IP||As advised||If using NAT then this will be some default such as 192.168.1.254. If you have a block of IPs from us, use the IP and netmask as advised. DO NOT make up a netmask for use with a real IP address that we have allocated - always use the one we have advised.|
|Routes||As necessary||If you have a separate router/firewall link block, you will need to configure a static route for your main IP block via your router/firewall. You may want your DSL router to act as a DHCP server for your LAN.|
Help with browsers and devices
- Scroll down to Network Setting...
- Scroll down and tick 'Enable DNS over HTTPS' and enter in a Custom provider: https://dns.aa.net.uk/dns-query
Checking your browser
In your Firefox URL bar, type:
about:networking and enter. Then click DNS on the left, and you should see your DNS lookups, and they shoudl have TRR (Trusted Recursive Resolver) listed as true.
DoH is expected to be a feature in Chrome version 78
DoT is supported in Android version 9 and up
- Search for “DNS” in settings search bar
- Go to PrivateDNS setting screen
- Tap 'Private DNS provider hostname', and Set: dns.aa.net.uk
- Click Save
Using DOH with curl
Note: curl version 7.62.0 or above is required, here's an example:
curl --doh-url https://dns.aa.net.uk/dns-query https://www.aa.net.uk
This will download the www.aa.net.uk webpage but would have used the DOH server to resolve the DNS.