I would like to use cloudflared (DoH)
https://docs.pi-hole.net/guides/dns/cloudflared/
using Quad9 Secured w/ECS
Quad9 Secured w/ECS
instead of Cloudflare.
How to compose(edit) the command line in /etc/default/cloudflared
?
Can I put in "https://dns11.quad9.net/dns-query"?
CLOUDFLARED_OPTS=--port 5053 --upstream https://dns11.quad9.net/dns-query
Is it already possible at this point to resolve "quad9.net"?
Or "--upstream https://dns11.9.9.9.9/dns-query"?
Or "--upstream https://9.9.9.11/dns-query"?
Protocoll https:// is needed because it is DOH DNS-Over-"HTTPS"! So the upstream DNS servers must be contacted via HTTPS it can return the result/answer also via https? But is there already DNS resolving at this moment?
And what about putting in two upstream servers?
Only with "--upstream https://9.9.9.11/dns-query" "systemctl status cloudflared" doesn't throw errors. This seems to be the solution, but browser check Cloudflare
https://www.cloudflare.com/ssl/encrypted-sni/ using Quad9 tells
We weren’t able to detect whether you were using a DNS resolver over secure transport. Contact your DNS provider or try using 1.1.1.1 for fast & secure DNS.
Using 1.1.1.1 results in secure DNS.