How can I tell that I'm using 1.1.1.3 DOH via Pi-Hole?

Hi there!
I’ve used a docker container to set up Cloudflared to DOH my Pi-Hole.
I’m successfully resolving through it.
I have “TUNNEL_DNS_UPSTREAM=https://family.cloudflare-dns.com/dns-query” in the docker-compose YML.
If I use Cloudflare ESNI Checker, I “May not be using secure DNS; We weren’t able to detect whether you were using a DNS resolver over secure transport.”
My 1.1.1.1/help url

How can I tell that I’m actually resolving using DOH? Is there a way to test this in a similar way to 1.1.1.1/help? Should I be seeing something different on that page?

Thank you!

I suppose you could block all Port 53 traffic in and out and see what happens. I have to admit that my test doesn’t show DoH, but I know it does because I’m using Gateway through the DoH address. This is similar to the guide I used since I’m using cloudflared to make the DoH connection:
https://docs.pi-hole.net/guides/dns/cloudflared/

1 Like

That’s a good idea. I’ll see what I can do.
I’ve got no reason to believe it doesn’t work.

One thing that could be causing issues is this, potentially.


but the result does not change if I turn it on or off. If I set it specifically to Cloudflare, it does say I am using DOH.

Blocking port 53:
image

That must prove that DOH is being used then.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.