DoT on ASUS RT AX55 fails...

[ColdSeeker]

Noob here. Trying to get DoT to work. Here are my setups in the router (pointing only at quad9), and yet according to leak test, I am still visible and logged.

Thoughts?

 

[sfx2000]

Noob here. Trying to get DoT to work. Here are my setups in the router (pointing only at quad9), and yet according to leak test, I am still visible and logged.

I fail to see the problem here - DoT is good stuff, but it does not prevent DNS leaks...

 

[Tech9]

WoodyNet is Quad9. DoT is working as expected. It's a DNS encryption only, doesn't make the user "invisible".

 

[bbunge]

If you want to use the ECS option change the DoT IP addresses to 9.9.9.11 and 149.112.112.11 the TLS Hostname to dns11.quad9.net
Yes, you can do manual entries and do not have to use the presets. For ne Cloudflare Security works better than Quad9.

 

[OzarkEdge]

Noob here. Trying to get DoT to work. Here are my setups in the router (pointing only at quad9), and yet according to leak test, I am still visible and logged.

Thoughts?

Example DoT configuration using CloudFlare w/malicious site blocking (1.1.1.2, 1.0.0.2, default port 583, security.cloudflare-dns.com):

DNS check

OE

 

[ColdSeeker]

WoodyNet is Quad9. DoT is working as expected. It's a DNS encryption only, doesn't make the user "invisible".

Hmmm. What is DNS leak test then? So if I use the setup as is, then the DNS request is encrypted, but the fact that I am making a request is visible? If so, fine. However, when I turned on Proton VPN, I got several other DNS resolvers....still unsure about what is actually going on here (again - Noob! ;-)

Thanks to all who replied. I am just sick of every tech company scavenging any shred of privacy available and selling it to data brokers.

What exactly does DoT accomplish then?

A hearty thanks to ALL who replied to this thread - thank you for having the patience to help school a doofus (me)

 

[Tech9]

What exactly does DoT accomplish then?

It encrypts DNS queries to prevent potential MITM altering of the resolution. Nothing else. Makes it a little harder to your ISP to recreate your browsing history, but they still can do it quite accurately because you request IPs and they know what IPs belong to Google, Facebook, Pornhub, etc.

However, when I turned on Proton VPN, I got several other DNS resolvers...

What you've got is a datacenter IPs where Proton VPN leases servers for whatever they sell. There are 100s of other companies with virtual or physical servers in this very same building in downtown Toronto. ExpressVPN and NordVPN leased servers are about 500m South of this place at Amanah.