Hacker News
by bratsche 2976 days ago
I was using 1.1.1.1 with AT&T Fiber and it stopped working. I didn't really question it, I figured maybe something went down at Cloudflare so I just switched my Mac back to using the defaults again. It never even occurred to me that AT&T might be blocking it.

Maybe stupid question, but why would AT&T block it?

3 comments

A few others have mentioned this already, but 1.1.1.1 has become a colloquial private address, used either as a blackhole or as a destination for internal traffic. Sort of like how 555-5555 technically isn't reserved (only 555-01xx is, according to Wikipedia), but practically, it's not really a workable number and phone companies don't hand it out.

According to the announcement post, part of the reason that Cloudflare was allocated the 1.1.1.1 address is that they were ready and willing to handle the expected inundation of all kinds of bizarre traffic.

It seems that one of those "off-label" uses of 1.1.1.1 is an internal / network control interface on [some?] AT&T networks. I'm just speculating, but it's definitely possible that 1.1.1.1 suddenly becoming publicly routable and pointed to a real thing caused some problems. "Patch it out" may be an acceptable emergency response depending on the breakages, but not really acceptable long-term.

Not an acceptable thing to do silently though, in any term.
And the reports of 1.0.0.1?
Same thing happened to me using AT&T fiber.
They want you using their DNS for traffic snooping?
Pretty sure they don't block 8.8.8.8 though.
They can snoop on your DNS anyways.
Not with DNS over TLS. EDIT: Which CF supports.
So does Google DNS (using DNS-over-HTTPS), yet they haven't been blocked.