Cloudflare DNS over TLS port 853 + Pihole

Expected Behaviour:

Now that Pihole v4 allows specifying the port for DNS on the DNS tab in Settings, I anticipated being able to use 1.1.1.1#853 to use DNS over TLS.

Actual Behaviour:

While running cloudflared as a DNS proxy on 127.0.0.1 and using 127.0.0.1#8053 in Settings > DNS works, using 1.1.1.1#853 doesn't.

Perhaps the issue is related to the certificate exchange, or another required dependency to use DNS over TLS on a Raspberry Pi?

Any other thoughts/suggestions?

When you run a custom DNS service (cloudflared or DNS) on your Pi along with Pi-Hole, Pi-Hole communicates with that service on 127.0.0.1 (the loopback IP) on the port where the DNS service is listening.

Your local instance of cloudflared is communicating with the Cloudflare server, and the Pi-Hole is communicating with the local instance.

The guides in this link provide detail and setup instructions:

Thanks. I'm aware of that, although what you stated is a very rough explanation of how Pihole can be configured to use a DNS proxy or 3rd party resolver.

Perhaps the issue here is the limitation of dnsmasq not supporting TLS. While Pihole v4 now allows the port to be specified, it's the lack of TLS support in dnsmasq that is the issue.

Perhaps Stubby is a solution.

... or/and unbound.
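
Added example, not part of any post in this thread: a minimal DNS over TLS client in Python showing what a resolver has to do on port 853 (TLS handshake with certificate verification, then length-prefixed DNS messages per RFC 7858), which is the step a plain-DNS forwarder pointed at `1.1.1.1#853` never performs. The authentication name `cloudflare-dns.com`, the query name and the function names are assumptions chosen for illustration.

```python
import socket
import ssl
import struct

def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Plain DNS query message, the same bytes a forwarder sends over UDP port 53."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE (A by default), QCLASS=IN

def frame_for_dot(message: bytes) -> bytes:
    """DoT reuses DNS-over-TCP framing: a 2-byte big-endian length, then the message."""
    return struct.pack("!H", len(message)) + message

def read_exact(sock, n: int) -> bytes:
    """Read exactly n bytes; a TLS record may deliver fewer per recv()."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed mid-message")
        buf += chunk
    return buf

def parse_header(response: bytes) -> dict:
    """Decode the fixed 12-byte DNS header of a response."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    return {"txid": txid, "is_response": bool(flags & 0x8000),
            "rcode": flags & 0xF, "answers": an}

def dot_query(name, server="1.1.1.1", auth_name="cloudflare-dns.com", timeout=5.0):
    """Send one query over TLS on port 853 (needs network access)."""
    ctx = ssl.create_default_context()           # verifies chain and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    with socket.create_connection((server, 853), timeout=timeout) as tcp:
        # auth_name is an assumption: the name the server certificate must match
        with ctx.wrap_socket(tcp, server_hostname=auth_name) as tls:
            tls.sendall(frame_for_dot(build_query(name)))
            (length,) = struct.unpack("!H", read_exact(tls, 2))
            return parse_header(read_exact(tls, length))

if __name__ == "__main__":
    print(dot_query("example.com"))
```

A local stub such as cloudflared, Stubby or unbound does this TLS leg on the forwarder's behalf and exposes ordinary DNS on a loopback port.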
