No, you should be fine. Even without DoH it should be fine really. If you are routing the traffic through the VPN tunnel, it will be encapsulated so whether the DNS query is made via HTTPS, TLS, or standard UDP it will still be secured.
this post was submitted on 16 Jul 2023
2 points (100.0% liked)
VPN
951 readers
14 users here now
A community for VPN users and those who want to know more about them.
founded 2 years ago
MODERATORS
Just asking because when I’m not using VPN would like to have DoH
Ah, I understand. You should not see any leaks. The VPN provider on connection will often times pass a DNS option that supersedes existing DNS settings you have, but Firefox's DoH doesn't rely on the system resolver and instead uses their own. If interested in who they send queries to, you can find them listed at the bottom here: https://wiki.mozilla.org/Security/DOH-resolver-policy
I checked for leaks with Mullvad check and showed IP from Surfshark VPN, but DNS from DoH Mullvad. So I think DoH is running within the vpn tunnel