How can I tell that I'm using DOH via Pi-Hole?

Hi there!
I’ve used a docker container to set up Cloudflared to DOH my Pi-Hole.
I’m successfully resolving through it.
I have “TUNNEL_DNS_UPSTREAM=” in the docker-compose YML.
If I use Cloudflare ESNI Checker, I “May not be using secure DNS; We weren’t able to detect whether you were using a DNS resolver over secure transport.”
My url

How can I tell that I’m actually resolving using DOH? Is there a way to test this in a similar way to Should I be seeing something different on that page?

Thank you!

I suppose you could block all Port 53 traffic in and out and see what happens. I have to admit that my test doesn’t show DoH, but I know it does because I’m using Gateway through the DoH address. This is similar to the guide I used since I’m using cloudflared to make the DoH connection:

1 Like

That’s a good idea. I’ll see what I can do.
I’ve got no reason to believe it doesn’t work.

One thing that could be causing issues is this, potentially.

but the result does not change if I turn it on or off. If I set it specifically to Cloudflare, it does say I am using DOH.

Blocking port 53:

That must prove that DOH is being used then.

1 Like