Hacker News new | past | comments | ask | show | jobs | submit login

So Pi-hole should continue to work without issue?

My worry here is that google has proven they see themselves as the only subversives allowed.

They are okay with themselves censoring and curating content but someone outside comes in and they are not happy to have other subversives. I used to trust them to do the right thing many years ago, but that’s not the case any longer.




With Chrome I don't think there will be a problem.

With Firefox it needs to report use-application-dns.net as not available (see NXDOMAIN below)

    $ dig use-application-dns.net.
    ; <<>> DiG 9.16.1-Ubuntu <<>> use-application-dns.net.
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22419
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1


I'm not against the idea of DoH but I do want to exert control about how it is being used.

So if you want to use DoH within your network and have Pi-hole, I'd probably put a DoH endpoint on the same server as the Pi-hole and configure my browser to point to that instead.

It'd look something like

Laptop/desktop --(DoH)--> DoH server --> Pi-hole --> Upstream DNS --(DoH?)--> Public DNS

Not ideal but until someone creates a system that acts as DoH server, adblocker, upstream DoH resolver, this is probably the best that one can do for now.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: