I was wondering if ESNI is going to work for hosts whose address is overridden in /etc/hosts.
Does ESNI still make ESNI DNS lookups for hosts resolved via the hosts file?
ESNI doesn’t care how your computer resolved the IP address for the site. /etc/hosts is essentially a local DNS lookup.
However…I can’t think of a time I ever used /etc/hosts with Cloudflare IP addresses. I usually go the opposite direction: Public DNS has my site’s Cloudflare IP address, and my /etc/hosts has my origin server’s IP address.
Though I suppose if you’re just trying to test your site through Cloudflare if it’s “Paused” or DNS-Only, you may go the /etc/hosts route.
OK, I see. Indeed it seems to still work even if I override the CF IP in the hosts file. It means that theoretically I could leak DNS type 65 queries for a certain domain even if I use the hosts file. So for better privacy, ESNI should be coupled with DoH.