Cloudflare DNS-over-HTTPS (DoH)
https://cloudflare-dns.com/dns-query
References
https://dnsprivacy.org/public_resolvers/
Tag: doh
Connect to Cloudflare 1.1.1.1 using DoH clients on Ubuntu
Download and install the cloudflared daemon
Or Download and install cloudflared via the Cloudflare Package Repository.
Ubuntu 20.04 LTS (Focal Fossa)
# Add cloudflare gpg key sudo mkdir -p --mode=0755 /usr/share/keyrings curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null # Add this repo to your apt repositories echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared focal main' | sudo tee /etc/apt/sources.list.d/cloudflared.list # install cloudflared sudo apt-get update && sudo apt-get install cloudflared
cloudflared --version
Run without systemd
cloudflared proxy-dns #cloudflared proxy-dns --port 5553
Run with systemd
sudo tee /etc/systemd/system/cloudflared-proxy-dns.service >/dev/null <<EOF [Unit] Description=DNS over HTTPS (DoH) proxy client Wants=network-online.target nss-lookup.target Before=nss-lookup.target [Service] AmbientCapabilities=CAP_NET_BIND_SERVICE CapabilityBoundingSet=CAP_NET_BIND_SERVICE DynamicUser=yes ExecStart=/usr/local/bin/cloudflared proxy-dns [Install] WantedBy=multi-user.target EOF
sudo systemctl enable --now cloudflared-proxy-dns
sudo rm -f /etc/resolv.conf
echo nameserver 127.0.0.1 | sudo tee /etc/resolv.conf >/dev/null
Finally, verify it locally with:
dig +short @127.0.0.1 cloudflare.com AAAA
Update cloudflared
cloudflared update
References
https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/dns-over-https-client/
https://pkg.cloudflare.com/index.html