I use NextDNS in my network and I'd say it's well worth the price. I could of course accomplish it with PiHole, but NextDNS just works, and covers my phone when I'm not at home.
On Android 12+ (if my memory serves well), you can use DNS over TLS without having to install any additional software. It seems to cover all of the connections, but I don't think DoT is used when your phone connects to your network for VoWifi and eSIM provisioning connections (I didn't see them in my NextDNS logs)