PiHole doesn’t support DoH? I mean as a server? Is there a feature request open for that?
Comment on Firefox rolls out ECH enabled by default in 118
Evilcoleslaw@lemmy.world 1 year ago
ECH relies on DNS over HTTPS (DoH) for its functionality, using it to fetch the key needed for encryption.
Seems like it’s only DoH. Which is also kinda lame in a situation like mine where I’m running a DoH proxy (cloudflared), using a PiHole behind that, and pointing my LAN clients at the PiHole using unencrypted DNS. So everything leaving my network is DoH but it’s not done directly in the browser, so I can’t take advantage of ECH.
bjoern_tantau@swg-empire.de 1 year ago
lemann@lemmy.one 1 year ago
If pihole is still using dnsmasq then I have no idea if DoH will be supported tbh…
lemann@lemmy.one 1 year ago
TIL about cloudflared being a DoH proxy. Nice, will be looking into this later…
Evilcoleslaw@lemmy.world 1 year ago
It works well, and it’s easy to set up. Previously I had used dnscrypt-proxy since it supports DoH as well.
MonkderZweite@feddit.ch 1 year ago
You mean, you’re running a DoT proxy?
Evilcoleslaw@lemmy.world 1 year ago
No, DoH (DNS-over-HTTPS). I’d also previously set up a DoT proxy for use on my phone (since Android only supports DoT) but I decided to do something else for that.
epyon22@sh.itjust.works 1 year ago
Probably because DNS is unencrypted and would allow tampering of the key needed for ECH to work
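For the point in the last comment about tampering with the key over plain DNS, an added example (not from the thread or any project mentioned in it): a parser for the DNS HTTPS record that carries the ECH configuration, run on a constructed record. The SvcParams layout follows RFC 9460 and the ECHConfig layout follows the TLS ECH specification; `build_sample`, the key bytes and `cover.example` are made up for illustration.

```python
import struct
ECH = 5  # IANA SvcParamKey number for "ech" in SVCB/HTTPS records

def parse_https_rdata(rdata):
    """Split HTTPS RR RDATA into (priority, target, {key: value})."""
    (priority,) = struct.unpack_from("!H", rdata, 0)
    pos, labels = 2, []
    while rdata[pos]:                       # uncompressed target name
        labels.append(rdata[pos + 1:pos + 1 + rdata[pos]].decode("ascii"))
        pos += 1 + rdata[pos]
    pos += 1                                # skip the root label
    params, last = {}, -1
    while pos < len(rdata):
        key, length = struct.unpack_from("!HH", rdata, pos)
        pos += 4
        if key <= last or pos + length > len(rdata):
            raise ValueError("malformed SvcParams")  # keys must ascend
        params[key], last = rdata[pos:pos + length], key
        pos += length
    return priority, ".".join(labels) or ".", params

def ech_configs(value):
    """Yield (config_id, kem_id, public_key, public_name) per ECHConfig."""
    (total,) = struct.unpack_from("!H", value, 0)
    if total != len(value) - 2:
        raise ValueError("bad ECHConfigList length")
    pos = 2
    while pos < len(value):
        version, length = struct.unpack_from("!HH", value, pos)
        body = value[pos + 4:pos + 4 + length]
        pos += 4 + length
        if version != 0xFE0D:               # skip versions we don't know
            continue
        config_id, kem_id, pk_len = struct.unpack_from("!BHH", body, 0)
        p = 5 + pk_len                      # end of the HPKE public key
        (cs_len,) = struct.unpack_from("!H", body, p)
        p += 2 + cs_len + 1                 # cipher suites, max_name_length
        name = body[p + 1:p + 1 + body[p]].decode("ascii")
        yield config_id, kem_id, body[5:5 + pk_len], name

def build_sample(public_key, name=b"cover.example"):
    """Constructed sample RDATA; not captured from a real resolver."""
    cfg = (struct.pack("!BHH", 7, 0x20, len(public_key)) + public_key
           + struct.pack("!HHHBB", 4, 1, 1, 0, len(name)) + name + b"\0\0")
    ech = struct.pack("!HH", 0xFE0D, len(cfg)) + cfg
    ech = struct.pack("!H", len(ech)) + ech
    # priority 1, target "." (one zero byte), then alpn=h2, then ech
    return (struct.pack("!HxHH", 1, 1, 3) + b"\x02h2"
            + struct.pack("!HH", ECH, len(ech)) + ech)
```

A record with the original key and one with a swapped key both parse cleanly, because the record has no integrity protection of its own; the client depends on the transport (DoH) or DNSSEC for that.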