support for DNS over TLS (DoT)

Comments

3 comments

  • Avatar
    opendnsman1 (Edited )

    Any chance this will come in 2022?

    DNS over TLS (DOT) seems to be the commonly supported standard for secure DNS.

     

    0
    Comment actions Permalink
  • Avatar
    boldone

    DNS over TLS set on the router combined with enforcing DNS over HTTPS settings at clients to use the DNS over TLS settings from the router for instance works with ASUSWRT Merlin. This is a great security enhancement since it will block malware from forcing the usage of malicious DNS over HTTPS servers.

    If you require further DNS filtering or local domain DNS support, just run a local DNS server to do so and have it forward to the DNS over TLS router.

    This is what I do now.

    Unfortunately at the moment I am forced to use other DNS providers.

    They offer DNS malware filtering, but no granular filtering like OpenDNS does.

    0
    Comment actions Permalink
  • Avatar
    tgifri0

    Cisco’s blog entry 2022-02-10
    https://umbrella.cisco.com/blog/enhancing-support-dns-encryption-with-dns-over-https
    announces that their core resolvers now support DoT as well as DoH, effective
    2022-01-28.  Since they list the same IP addresses as OpenDNS, and identical
    DoH resolvers https://dns.opendns.com/dns-query and
    https://dns.umbrella.com/dns-query, the implication is both dns.opendns.com and
    dns.umbrella.com should work as DoT resolvers!  Verified both DNS addresses
    work for DoT on an Android 10 phone; ref.
    https://support.opendns.com/hc/en-us/community/posts/4418984676756-DNS-Over-TLS-Opendns.

    0
    Comment actions Permalink

Please sign in to leave a comment.