support for DNS over TLS (DoT)

Follow

boldone

November 01, 2021 18:42

I am awaiting support for DNS over TLS (DoT) so I van setup my router to start using OpenDNS servers again.

My router does not support DNS over HTTPS (DoH) as OpenDNS supports.

DNS traffic encryption is a requirement for my network in order to help prevent man-in-the-middle attacks.

2

• 

  opendnsman1 January 03, 2022 21:27 (Edited January 03, 2022 21:28)

  Any chance this will come in 2022?

  DNS over TLS (DOT) seems to be the commonly supported standard for secure DNS.

   

  0

  Comment actions Permalink
• 

  boldone January 03, 2022 22:18

  DNS over TLS set on the router combined with enforcing DNS over HTTPS settings at clients to use the DNS over TLS settings from the router for instance works with ASUSWRT Merlin. This is a great security enhancement since it will block malware from forcing the usage of malicious DNS over HTTPS servers.

  If you require further DNS filtering or local domain DNS support, just run a local DNS server to do so and have it forward to the DNS over TLS router.

  This is what I do now.

  Unfortunately at the moment I am forced to use other DNS providers.

  They offer DNS malware filtering, but no granular filtering like OpenDNS does.

  0

  Comment actions Permalink
• 

  tgifri0 February 19, 2022 01:53

  Cisco’s blog entry 2022-02-10
  https://umbrella.cisco.com/blog/enhancing-support-dns-encryption-with-dns-over-https
  announces that their core resolvers now support DoT as well as DoH, effective
  2022-01-28.  Since they list the same IP addresses as OpenDNS, and identical
  DoH resolvers https://dns.opendns.com/dns-query and
  https://dns.umbrella.com/dns-query, the implication is both dns.opendns.com and
  dns.umbrella.com should work as DoT resolvers!  Verified both DNS addresses
  work for DoT on an Android 10 phone; ref.
  https://support.opendns.com/hc/en-us/community/posts/4418984676756-DNS-Over-TLS-Opendns.

  1

  Comment actions Permalink

Please sign in to leave a comment.