We mentioned earlier that Microsoft is developing DoH support for Windows 10 systems, but it’s not clear exactly which version will bring this feature to. DoH features are designed to encrypt DNS query traffic from being attacked and hijacked by carriers or man-in-the-middles, so using this protocol helps improve privacy and security. Although Microsoft has yet to natively support the feature in Windows 10, mainstream browsers such as Google Chrome and Firefox are already supported.
For testing only, please read the following instructions carefully:
At present, there are fewer public DNS servers that support DoH functionality and are foreign, and domestic users may be slow to use these public DNS servers.
Networks in different regions use these public DNS servers for different speeds, if interested users can turn on testing to see if normal access affects.
If you can feel that the page load speed is significantly slower, cut back to the domestic public DNS server or continue to use the carrier’s default DNS server.
Switching method: Just modify the DNS in the Windows 10 network adapter directly, and it doesn’t affect whether the doH on the browser is turned off.
Chrome turns on doT encryption query steps:
Google Chrome has already started testing doT features in Google Chrome v78, so it takes at least 78 and above to turn it on if you need to.
Open the Google Address Bar and enter chrome://flags/#dns-over-https, and then you’ll restart the browser by modifying this option to Enabled.
Once the browser is partially modified, you will also need to modify the operating system’s public DNS server and go to the Network and Sharing Center of the Windows 10 Control Panel.
Then click on the change adapter settings on the left to find the network card you are using, right-click on the network card selection property, and then configure DNS in IPv4/IPv6.
Optional DoT servers include: 18.104.22.168 / 22.214.171.124 / 2001:4860:4860:8888 and 126.96.36.199 / 1.0.1 / 2606:4700:4700:1111
Other DoT servers include: 188.8.131.52 / 184.108.40.206 / 2620:fe:fe/2620:fe:: 9 /2620:fe:11 and 2620:11:11:35:35 (OpenDNS)
Firefox turns on doT encryption query steps:
Users with the latest version of Firefox can open Firefox settings directly and then find the network section at the bottom of the general settings and click on the settings.
In this dialog box you can see at the bottom the ENABLE HTTPS-based DNS option, and Firefox has built some DoT DNS for users to choose from, and so on.
The default is 220.127.116.11, which CLOUDFLARE and Firefox build jointly, and if the user doesn’t want to use this, it can be replaced with other DNS.
Simply click on the provider’s custom options to enter the query address, for example, Google’s query address: https://dns.google/dns-query
How to test whether the DoT function is working properly:
Once the configuration is complete, you only need to visit the test page provided by CLOUDFLARE to check and turn it on successfully if Secure DNS is green.
Whether the other options are green is not relevant to DNS over HTTPS and therefore do not require a tube, please click here after the browser and DNS configuration have been completed.