Pi-hole + DoH cloudflared + ESNI?

#1

Is it possible to use Cloudflare ESNI with Pi-hole?

0 Likes

#2

From my reading of the ESNI protocol, this is a function provided by a browser, and is completely separate from Pi-Hole.

Request from client > Pi-Hole > Cloudflared > Pi-Hole > client, then IP address from client (browser) to the internet and this is where the SNI is implemented.

https://blog.mozilla.org/security/2018/10/18/encrypted-sni-comes-to-firefox-nightly/

0 Likes

#3

In about:config in Firefox Beta I have enabled ESNI and set network.trr.mode to 5, and the test at https://www.cloudflare.com/ssl/encrypted-sni/ is negative for ESNI.
I’ve read that setting the TRR mode to 2 can cause Pi-hole to be bypassed.
Ideas?

0 Likes

#4

Depending on which TRR mode you select, Firefox may bypass Pi-Hole. Pi-Hole is not acting as a DoH server to the browser, so if you select a DoH mode in Firefox then Pi-Hole won’t see the DNS traffic. Setting this to 5 turns off that feature and sends the DNS traffic to Pi-Hole.

https://wiki.mozilla.org/Trusted_Recursive_Resolver

0 Likes
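The trade-off described in #4, as an added example that is not part of the original thread: a small audit of Firefox `user_pref` lines that reports how much DNS traffic Pi-hole sees for a given `network.trr.mode` and whether ESNI can work. It assumes Firefox's ESNI support fetched the ESNI key through its DoH resolver, so it needs TRR active; the sample prefs and the `resolver.example` URI are constructed.

```python
import re

# TRR modes per the Mozilla wiki linked above: True where Firefox resolves via DoH.
DOH_ACTIVE = {0: False, 1: False, 2: True, 3: True, 4: False, 5: False}
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Parse user_pref("name", value); lines as found in prefs.js / user.js."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = m.group(1), m.group(2).strip()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(prefs):
    """Report Pi-hole visibility and ESNI usability for a set of prefs."""
    mode = prefs.get("network.trr.mode", 0)
    doh = DOH_ACTIVE.get(mode, False)
    esni = prefs.get("network.security.esni.enabled", False) is True
    if not doh:
        seen = "all"            # modes 0 and 5: system resolver, i.e. Pi-hole
    elif mode == 2:
        seen = "fallback_only"  # DoH first, native resolver only on failure
    else:
        seen = "bypassed"       # mode 3: DoH only
    # Assumption: ESNI keys are fetched over DoH, so ESNI needs TRR active.
    return {"mode": mode, "pihole_sees": seen, "esni_usable": esni and doh}

# Constructed samples: the setup from post #3, and a TRR-first variant.
POST3_PREFS = '''
user_pref("network.security.esni.enabled", true);
user_pref("network.trr.mode", 5);
'''
TRR_FIRST_PREFS = '''
user_pref("network.security.esni.enabled", true);
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://resolver.example/dns-query");
'''

if __name__ == "__main__":
    for label, text in (("post #3", POST3_PREFS), ("TRR first", TRR_FIRST_PREFS)):
        print(label, audit(parse_prefs(text)))
```
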

#5

Ok. So what should I do to pass the test on encryptedsni.com?

0 Likes

#6

I don’t know. We are a Pi-Hole forum and this isn’t a Pi-Hole issue. I would look in the Firefox forums.

0 Likes

#7

Ok. Thx ;-)

0 Likes