top | item 41330103


lasr_velocirptr | 1 year ago

I am sure if you use DoT or DoH it's going to be very hard for an ISP to block you from using your own DNS, even if you rented a modem/router from them. It does need client-side support though.


Asmod4n | 1 year ago

No need for client support, you could just deploy it on a Linux VM running somewhere on your network and let that be the DNS server served via DHCP.

For extra points you could deploy a firewall which intercepts all DNS requests and forwards them to that machine. Some apps have hardcoded DNS servers and ignore what you have configured.

pxc | 1 year ago

> It does need client-side support though.

Not really! You can buy a router that ships with OpenWrt out-of-the-box and just toggle a little checkbox. Plug that into your ISP's router (or use a wireless bridge in client mode, that's supported, too) and connect all of your devices through that. Now all your devices use DoH and don't even know it.

codedokode | 1 year ago

An ISP can simply compile a blacklist of publicly available encrypted DNS resolvers and block them.

lasr_velocirptr | 1 year ago

Not really feasible for non-technical folks, but at that point you start to run a DNS proxy in the cloud with a static IP and proxy all your DNS requests using DoH to that IP. That would be really hard to block without blocking all outbound HTTPS connections.
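The DoH exchange discussed in this thread (the client-side request in the first comment, and the self-hosted DoH proxy at a static IP in the last one), as an added example that is not part of the original posts: it builds the RFC 8484 GET form of a query (a DNS wire-format message, base64url-encoded without padding, in the `dns` query parameter) and parses a constructed wire-format reply such as a resolver would return in an `application/dns-message` body. The endpoint hostname is a placeholder, the reply is constructed inline, and no network I/O is performed. The point it illustrates is that on the wire such a request is an ordinary HTTPS GET, so an on-path observer can only act on the resolver's IP address, not on the query contents.

```python
import base64
import ipaddress
import struct

# Hypothetical self-hosted DoH endpoint (placeholder, not a real host).
DOH_ENDPOINT = "https://doh-proxy.example.net/dns-query"

TYPE_A, TYPE_AAAA, CLASS_IN = 1, 28, 1


def encode_name(name: str) -> bytes:
    """Encode a domain name as RFC 1035 wire-format labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int = TYPE_A) -> bytes:
    """Minimal DNS query with RD set. RFC 8484 recommends ID 0 for DoH so
    identical queries produce identical (cacheable) request bodies."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def doh_get_url(endpoint: str, wire: bytes) -> str:
    """RFC 8484 GET form: base64url, padding stripped, in the 'dns' parameter."""
    token = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={token}"


def decode_name(msg: bytes, offset: int):
    """Decode a wire-format name, following compression pointers.
    Returns (name, offset just past the name at its original position)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # 2-byte compression pointer, 14-bit offset
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end if end is not None else offset


def parse_response(msg: bytes):
    """Return [(name, type, ttl, value)] for the answer section; A and AAAA
    rdata are rendered as addresses, anything else as hex."""
    _ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F:
        raise ValueError(f"server returned RCODE {flags & 0x000F}")
    off = 12
    for _ in range(qd):          # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_A and rdlen == 4:
            value = str(ipaddress.IPv4Address(rdata))
        elif rtype == TYPE_AAAA and rdlen == 16:
            value = ipaddress.IPv6Address(rdata).compressed
        else:
            value = rdata.hex()
        answers.append((name, rtype, ttl, value))
    return answers


def build_sample_response(name: str, ipv4: str, ttl: int = 300) -> bytes:
    """Constructed reply (QR, RD, RA set; one A record using a 0xC00C pointer
    back to the question name), standing in for a real resolver's body."""
    header = struct.pack("!HHHHHH", 0, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)
    rdata = ipaddress.IPv4Address(ipv4).packed
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    return header + question + answer


if __name__ == "__main__":
    query = build_query("example.com")
    print(doh_get_url(DOH_ENDPOINT, query))
    print(parse_response(build_sample_response("example.com", "192.0.2.10")))
```

The request body is the same bytes a plain UDP/53 query would carry; what changes is the transport. A firewall that redirects port 53 (as suggested earlier in the thread) never sees this traffic, which is why the remaining blocking lever is the resolver's address, and why a self-hosted endpoint on an address the ISP has no reason to list sidesteps a public-resolver blacklist.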