I try to use “private DNS” option in my phone’s settings, but it often does not work, and therefore privacy cannot be protected all the time. Sometimes I just cannot even ping other servers by IP (like 1.1.1.1) because of it. My question is: WHY this function requires hostname (so you need to query some other plain text DNS before reaching encrypted DNS)? Also if I understand well, it uses DNS over TLS, but I’m curious why not DNS over HTTPS (which seems like a reliable solution since I have it configured in my browser and there is never a problem with it…also it uses IP address instead of hostname). Why no one is seeing this problem and no one wants to address it? I tried downloading Quad9 app, but it does not work either (I guess some IPS is filtering TLS requests in my network, but again why DOH is not used then?).
you understandably sound confused
when you have private DNS enabled, you have no connection if it fails. Is it in “auto” or is there a fallback option?
🤔
you shouldn’t use both, iirc. Your browser is bypassing your “DNS over TLS” in this case
because there is no problem?
quad9 app works as a vpn. What do you mean by “it does not work either”?
Well there is a problem, because if you enter hostname in private DNS field, this hostname has to be resolved first, therefore your phone has to query DNS by using unencrypted DNS provided by network configuration…and for some reason I guess IPS in a network can detect this DNS over TLS traffic and filter it out. Also isn’t it better to use double encryption instead of just 1? Like what’s wrong with my browser resolving hostnames on its own, its even better imo.