Help with connecting to the Cloudflare DNS

I want to connect using port 853 over TCP, but when I launch netstat there is no port 853. I have enabled only 443 and 80 in the firewall apart from that.
Please help!

I can’t edit for some reason.
I tested it with Wireshark and I connect through port 53. I don’t know how that is possible; I have allowed only ports 80, 443 and 853 for TCP. I deleted all firewall rules, blocked even outbound connections and literally allowed only these ports, so how am I connecting to port 53 on 1.1.1.1? I even used Firefox and checked that TLS is working, and everything else except ESNI, which is not important. Ah, it is the destination port, but that still doesn’t explain why the source port is xxxxx, which is not allowed, and the browser is not allowed either… But I should still be connecting to 853 instead of 53… I passed all the tests, so I don’t see a reason it shouldn’t work… And there is nothing on the setup page that would help…

Cloudflare does not support the port you are asking for

So why is it listed on your website that it uses 853 over TLS? https://developers.cloudflare.com/1.1.1.1/dns-over-tls/
What port should I use to connect, then? Also, I passed your test and it said my browser supports TLS 1.3; I use Firefox, and then I checked in Wireshark and all packets were using TLS 1.2, strange.

That is the port if you want to use DoT. What is it you actually want to do? Be as precise as possible.

Yeah, I want to connect to a DNS using DoT. I also need to be able to use DNS for connecting to an OpenVPN. I have no idea whether it would work. The point is I want a secure connection to the DNS instead of the classical one.

What is your question then? Simply configure your DoT resolver to connect to Cloudflare’s DoT servers and you should be fine.

You mean just put 1.1.1.1 under the NIC DNS? But when I use 1.1.1.1, I connect to port 53 instead of 853, and also via TLS 1.2, not 1.3, while in your test it said my browser supports TLS 1.3 and in the settings it was set right too. So it makes no sense. I used this tutorial on your site, by the way: https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/

When you set Cloudflare as your system resolver you will obviously use standard DNS and not DoT, which also explains the port.

You need to configure DoT according to https://developers.cloudflare.com/1.1.1.1/dns-over-tls/

You might also want to check out https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients

1 Like

That explains a lot, but I don’t get it: there is only how it works and not how to set it up? Do you have a good guide on how to set this up? Thanks!

The setup depends on the client. Pick one from the list and start reading about its configuration.

Which list?

The list I just posted.

I installed stubby, and the configuration file says that it is recommended to leave it at the defaults.
So I checked TCP port 853 in Wireshark and the Cloudflare ESNI test, and it is still not using DoT.
I then found a README in the stubby directory and ran it through an elevated cmd. Then I was supposed to test DNS using the dns_query command via cmd, but it says the connection timed out, while a normal nslookup in cmd works, and I have enabled both stubby and dns_query in the firewall, both inbound and outbound.
I have one more concern: when I installed stubby, the progress bar flashed and disappeared and that was it. What a peculiar installer. But it shows as installed in the Control Panel; I have no idea whether that is okay or not. Maybe I should write on GitHub.

Yes, that is a very client-specific question and you’d best contact their official support channels (e.g. on GitHub).
