| Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung |
| knb:dohdot_en [2025/09/08 01:19] – t0biii | knb:dohdot_en [2026/02/09 07:44] (aktuell) – awickert |
|---|
| ====== DNS-over-HTTPS/-TLS/-QUIC-Support ====== | ====== DNS-over-HTTPS/-TLS/-QUIC-Support ====== |
| {{:ffmuc_logo.png?nolink&150|Bild: Freifunk München Logo}} \\ | {{:ffmuc_logo.png?nolink&150|Bild: Freifunk München Logo}} \\ |
| | |
| | ===== Quick Start Guide ===== |
| | |
| | https://dns-setup.ffmuc.net |
| | |
| ===== Background Informations ===== | ===== Background Informations ===== |
| Surely you've heard of the topic that is currently haunting [[https://www.golem.de/news/wegen-cloudflare-openbsd-deaktiviert-doh-im-firefox-browser-1909-143884.html|IT-News]]. Mozilla will integrate in Firefox [[https://cloudflare.com/|Cloudflare]] as DoH-Server and activate it by default. In itself, it's not a bad idea to encrypt DNS queries so that they can't be read in open networks (like Freifunk). However, it is a thorn in the side of many users and us to use a provider from America by default. | Surely you've heard of the topic that is currently haunting [[https://www.golem.de/news/wegen-cloudflare-openbsd-deaktiviert-doh-im-firefox-browser-1909-143884.html|IT-News]]. Mozilla will integrate in Firefox [[https://cloudflare.com/|Cloudflare]] as DoH-Server and activate it by default. In itself, it's not a bad idea to encrypt DNS queries so that they can't be read in open networks (like Freifunk). However, it is a thorn in the side of many users and us to use a provider from America by default. |
| |
| We also registered on the page of the [[https://dnscrypt.info/public-servers/|DNSCrypt-Project]], so that we are automatically added in apps like [[https://apps.apple.com/de/app/dnscloak-secure-dns-client/id1452162351|DNSCloak]] (iOS) or [[https://github.com/DNSCrypt/dnscrypt-proxy|dnscrypt-proxy]]. | We also registered on the page of the [[https://dnscrypt.info/public-servers/|DNSCrypt-Project]], so that we are automatically added in apps like [[https://apps.apple.com/de/app/dnscloak-secure-dns-client/id1452162351|DNSCloak]] (iOS) or [[https://github.com/DNSCrypt/dnscrypt-proxy|dnscrypt-proxy]]. |
| | |
| | Privacy Policy: https://ffmuc.net/dns-privacy/ |
| |
| ===== Addresses & Protocols ===== | ===== Addresses & Protocols ===== |
| Our DNS servers are available both as "normal" [[knb:dns|DNS servers]] (for simple, unencrypted DNS over UDP/TCP), as well as via the following protocols: | Our DNS servers are available both as "normal" [[knb:dns|DNS servers]] (for simple, unencrypted DNS over UDP/TCP), as well as via the following protocols: |
| * DNS over TLS | * DNS over TLS ''%%tls://dot.ffmuc.net%%'' |
| * DNS over HTTPS | * DNS over HTTPS ''%%https://doh.ffmuc.net/dns-query%%'' |
| * DNS over HTTP/3 | * DNS over HTTP/3 ''%%h3://doh.ffmuc.net/dns-query%%'' |
| * DNS over QUIC | * DNS over QUIC ''%%quic://doq.ffmuc.net%%'' |
| For configuration, please use the following addresses & domains: | For configuration, please use the following addresses & domains: |
| * ''doh.ffmuc.net - IPv4: 5.1.66.255 / 185.150.99.255 IPv6: 2001:678:e68:f000:: / 2001:678:ed0:f000::'' | * ''doh.ffmuc.net - IPv4: 5.1.66.255 / 185.150.99.255 IPv6: 2001:678:e68:f000:: / 2001:678:ed0:f000::'' |
| |
| |
| {{ :knb:fritzbox_dot_settings.png?direct&800 |DoT-Settings in FritzBox }} | {{ :knb:fritzbox_dot_settings_en.png?direct&800 |DoT-Settings in FritzBox}} |
| |
| In the Online Monitor, you can now see that the following entries also appear under "DNS servers used": | In the Online Monitor, you can now see that the following entries also appear under "DNS servers used": |
t0biii