Knowledge Base What is DoH and How to use it on TP-Link Wi-Fi Routers?
Introduction of DNS over HTTPS (DoH)
The Domain Name System (DNS) is a crucial component of the internet infrastructure, responsible for translating human-readable domain names into IP addresses. However, traditional DNS queries are transmitted in plaintext, making them susceptible to interception and manipulation.
To address these security and privacy concerns, DNS over HTTPS (DoH) emerged as a promising solution.
1. Understanding DoH
DNS over HTTPS (DoH) is a protocol that encrypts DNS queries and responses within HTTPS (HTTP Secure) connections. It provides an additional layer of privacy and security by wrapping DNS traffic within the encrypted tunnel of HTTPS, the same protocol used to secure websites and online communications.
When a user makes a DNS query using DoH, the request is sent to a DNS resolver over an encrypted channel, preventing third parties from eavesdropping on the queries.
2. Advantages of DoH
a. Enhanced Privacy
Traditional DNS queries are sent in plaintext, allowing internet service providers (ISPs) and other entities to monitor users' browsing habits. With DoH, the DNS queries are encrypted, protecting user privacy and making it difficult for third parties to intercept and analyze the data.
b. Mitigating DNS Manipulation
DoH helps protect against DNS spoofing and manipulation, where malicious actors redirect users to fake websites. By encrypting DNS queries, DoH ensures that users receive authentic responses from trusted DNS resolvers, reducing the risk of falling victim to DNS-based attacks.
c. Secure Public Wi-Fi Usage
Public Wi-Fi networks are often prone to security risks. Using DoH on such networks adds an extra layer of security, preventing potential attackers from exploiting DNS vulnerabilities and conducting man-in-the-middle attacks.
d. Bypassing DNS-Based Restrictions
DoH can also help users bypass DNS-based restrictions imposed by certain ISPs or governments. By encrypting DNS queries, users can access websites and services that might otherwise be blocked or censored
How to use DoH on TP-Link Wi-Fi Routers
For TP-Link WiFi Routers that have alreasy supported DoH, please refer to this thread: Wi-Fi Routers Support DoH and IoT Network
For other models, please pay attention to your router Web GUI or TP-Link official website for any new firmware release.
Currently the following 3 DoH servers are supported by TP-Link routers, you could select either of them:
1. dns.quad9.net
2. dns.google
3. cloudflare-dns.com
The DoH function is available on Advanced->Network->Internet page. Status "Connected" means the communication with the DoH server is working properly.
Note: Customize servers are not supported at this moment but will be supported in the future, no expected date can be given now and please pay attention to new firmware release on the Web GUI or TP-Link official website.
Related Article
Wi-Fi Routers Support DoH and IoT Network