Privacy

29871 readers

2274 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

DoH/DoT on Router (self.privacy)

submitted 11 months ago by 03040 to c/[email protected]

9 comments fedilink hide all child comments

If DoH/DoT is configured on the Router, is it also needed to configure DoT/DoH in the Browser or OS?

top 9 comments

sorted by: hot top controversial new old

[–] [email protected] 4 points 11 months ago (1 children)

No, but check if the browser isn't using other DoH provider. If so just disable it.

[–] UnfortunateShort 4 points 11 months ago (1 children)

Note that it's obviously a different story for mobile devices. If you connect to different networks, you might want to leave DoH on on your device

[–] 03040 1 points 11 months ago (1 children)

Makes sense, is their any downside if I set the same DNS in Android and Router?

[–] UnfortunateShort 2 points 11 months ago

No - in either case a https connection will be established and DNS will be available via that connection. The only exception is the very first connection of the browser/system, where the domain of the DoH provider needs to be resolved first (e.g. dns.quad9.net -> 9.9.9.9).

[–] Sizably8826 2 points 11 months ago

you can check via this website

[–] [email protected] 2 points 11 months ago (1 children)

No, but your OS needs to be configured to use the DNS server on your router. Easiest way to do this is with DHCP + NAT rule to ensure all DNS queries are processed by your router.

[–] 03040 1 points 11 months ago (1 children)

Why do I need a NAT rule if the computer uses DHCP?

[–] [email protected] 2 points 11 months ago

It's not necessary but it ensures that all DNS queries are processed by your router. It could be that there's software that uses a specific DNS server hardcoded to make sure they can avoid your Pi-hole (or alternative solution) to track you.

[–] [email protected] 2 points 11 months ago

Depends on your security model IMHO. If unencrypted dns traffic on your network, or your router being a possible aggretion point for dns requests from devices on your network is fine, then it is a great way to simplify using it for your network.

I imagine it's probably good for 98% of people.