This widget could not be displayed.
This widget could not be displayed.
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DNSSEC on RT-AX86U Pro causing some websites not to load properly

Intrepid
Star I

a week ago

When using Quad9 DNS on my router, if I turn ON DNSSEC support on my ASUS RT-AX86U Pro router business.comcast.com will not load properly. When I turn DNSSEC Off the problem is resolved. I'm working with Quad9 technical support currently. Has anyone else heard of DNSSEC on Asus Routers causing issues like this? Thanks!

0 Kudos
1 REPLY 1

Intrepid
Star I

a week ago - last edited a week ago

Quad9 replied:

"DNSSEC should not be enabled on a DNS forwarder or DNS client using a recursive service like Quad9 which already performs DNSSEC validation

https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#disable-dnssec-validati...

Although we don't have a Setup Guide for ASUS routers with DNS over TLS support, all of our other open-source router guides on https://docs.quad9.net explicitly state that DNSSEC should be disabled at the forwarder level.

I'm guessing some other FQDN used for loading resources on that page is failing to resolve properly when DNSSEC enabled on the router."

I think ASUS router firmware should be changed to disable the use of DNSSEC  with Quad9.

0 Kudos
Youtube support channel