[Asdfbla]

>supports encrypted DNS as well as DNS over HTTPS

Are encrypted DNS requests used by default? Does 1.1.1.1 somehow advertise to your client (whether it's a browser, the OS or a router) that encryption is possible? Do I have to configure my endpoint, which may expect to be able to send normal plaintext DNS requests, for it?

I guess DNS over HTTPS will surely not be supported by normal routers, but I don't know what other protocol Cloudflare refers to as "encrypted DNS", so maybe that will work.

[zackbloom]

Encrypted DNS usually refers to making TLS-secured connection to a DNS server over port :853. You can read more here: https://tools.ietf.org/html/rfc7858

[Asdfbla]

Thanks a lot, that was what I looking for. Seems most realistic to configure DNS-over-TLS on the OS level then.