Cloudflare on Android as Private Dns

Hey. I want to set up cloudflare as a dns provider. However which is the better overall option? And what are the advantages one has over the other? (between setting it up on a router level and the android phone itself).

Android Private DNS is DNS over TLS, a.k.a. DOT.

Most routers (especially in home and small office environments) hand out DNS server addresses using DHCP. If they act as a Recursive Resolver they will identify their own IP in DHCP, or they will hand out the upstream resolver addresses via DHCP.

DHCP has no support for DOT (or DOH), so configuring the client (Android phone) is the only option for completely private DNS traffic.

Most routers have no support for DOH or DOT, so in the recursive role they offer no privacy.

You could run something like PiHole on your network, and have the router point users towards it also, and this usually offers more control over DNS traffic.


I don’t really trust Pi-Holes as I have worked a lot with them and they are full of vulnerabilities and bugs. But thank you very much for the well-written answer.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.