DoH (DNS over HTTPS) and DoT(DNS over TLS) are security implementations to wrap DNS requests in HTTPS and TLS protocols respectively. By using these workarounds, users can get around restrictions forced upon by DNS filtering. The UK ISP group has gone so far as to say Mozilla’s implementation of DoH as evil, considering how it makes it easier to get around restrictions placed by the government and makes it harder to track users.
On Android, there isn’t a simple way to add DoT or DoH abstraction by default. The tutorial provides steps to use these two protocols using an internal VPN app that blocks ads as well. With ad-blocking, the application can use DoT and DoH capable DNS servers. The application open-source and is very lightweight with minimal UI making it very easy to use.
- Download the application from the official website, and install it on your Android phone.
- When the app opens, it automatically creates an internal VPN. The logs on the lower section of the app start to show the domain requests handled by the app. Depending on the ad-blocking setting, it may block some domains and allow other domains.
- Access the custom DNS server settings from the top of the applications screen.
- On the next window pop-up, the DoT and DoH configuration for the Cloudflare DNS is shown for usage. Other DoT/DoH compatible servers can be used in the settings as well.
- The DoT and DoH DNS configurations are not enabled by default, remove the ‘#’ signs before the links to enable them. The description beside the links gives you information about the protocol used.
- Once enabled; the VPN should be restarted for the new configuration to take effect. The DNS setting on the top screen reflects the use of the security protocol
- Verification of the usage of the DoT or DoH may be performed through the Cloudflare DNS help website.
And that is how you configure DoT/DoH on your Android device.
[review]
