by rom1v 331 days ago
On Android, in Settings, Network & internet, Private DNS, you can only provide one in "Private DNS provider hostname" (AFAIK).

Btw, I really don't understand why it does not accept an IP (1.1.1.1), so you have to give an address (one.one.one.one). It would be more sensible to configure a DNS server from an IP rather than from an address to be resolved by a DNS server :/


Private DNS on Android refers to 'DNS over HTTPS' and would normally only accept a hostname.

Normal DNS can normally be changed in your connection settings for a given connection on most flavours of Android.

No, it is not DNS over HTTPS; it is DNS over TLS, which is different.
Android 11 and newer support both DoH and DoT.
Where is this option? How can I distinguish the two? The dialog simply asks for a host name.
Cloudflare has valid certs for 1.1.1.1
> Private DNS on Android refers to 'DNS over HTTPS'

Yes, sorry, I did not mention it.

So if you want to use DNS over HTTPS on Android, it is not possible to provide a fallback.

> So if you want to use DNS over HTTPS on Android, it is not possible to provide a fallback.

Not true. If the (DoH) host has multiple A/AAAA records (multiple IPs), any decent DoH client would retry its requests over multiple or all of those IPs.

Does Cloudflare offer any hostname that also resolves to a different organization’s resolver (which must also have a TLS certificate for the Cloudflare hostname or DoH clients won’t be able to connect)?
Usually, for plain old DNS, primary and secondary resolvers are from the same provider, serving from distinct IPs.
Yes, but you were talking about DoH. I don’t know how that could plausibly work.
It's DNS over TLS. Android does not support DNS over HTTPS except Google's DNS.
It does since Android 11.
For a limited set of DoH providers. It does not let you enter a custom DoH URL, only a DoT hostname.
As far as I understand it, it's Google or Cloudflare?
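
Added example, not written by any commenter and not Android's resolver code: the per-address retry mentioned in the thread, applied here to DNS over TLS, where every A/AAAA address of the resolver hostname is tried in turn and the certificate is always verified against the hostname. Function names are this example's own; port 853 and the 2-byte length prefix come from RFC 7858.

```python
import socket, ssl, struct

def build_query(name, qtype=1, txid=0x1234):
    """Minimal DNS query in wire format (RFC 1035): header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, class IN

def dot_frame(msg):
    """DoT sends each DNS message behind a 2-byte big-endian length prefix."""
    return struct.pack("!H", len(msg)) + msg

def resolve_all(hostname, port=853):
    """Every address of the resolver hostname, in lookup order, de-duplicated."""
    infos = socket.getaddrinfo(hostname, port, type=socket.SOCK_STREAM)
    return list(dict.fromkeys(info[4][0] for info in infos))

def recv_exact(sock, n):
    """Read exactly n bytes or fail; TCP/TLS reads may return short chunks."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed mid-message")
        buf += chunk
    return buf

def dot_exchange(ip, hostname, query, timeout=3.0):
    """One DoT round trip to a specific IP; the cert is checked against hostname."""
    ctx = ssl.create_default_context()  # verifies chain and hostname by default
    with socket.create_connection((ip, 853), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            tls.sendall(dot_frame(query))
            (length,) = struct.unpack("!H", recv_exact(tls, 2))
            return recv_exact(tls, length)

def query_with_failover(hostname, name, resolve=resolve_all, exchange=dot_exchange):
    """Try each address in turn; return (ip, response) from the first that works."""
    query, errors = build_query(name), {}
    for ip in resolve(hostname):
        try:
            return ip, exchange(ip, hostname, query)
        except OSError as exc:  # timeout, refused, TLS or certificate failure
            errors[ip] = exc
    raise ConnectionError(f"all addresses for {hostname} failed: {errors}")
```

The `resolve` and `exchange` parameters exist so the failover logic can be exercised without network access; a failed certificate check on one address moves on to the next rather than disabling verification.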