How to enable DoH(DNS over HTTPS) and what's the running strategy?

5,943 views
Skip to first unread message

ocean...@gmail.com

unread,
Aug 9, 2018, 11:30:21 PM8/9/18
to net-dev
I'm a newbie in chromium android dev. I find the chromium is already support the DoH(DNS over HTTPS). But I don't know how to enable it and config it.

I want to set my own DoH server as the first resolving choice, and if my DoH server can't resolve, use the original native DNS server. So I should know the running strategy of DoH in Chromium.

I find that the Firefox also support DoH and has some mode in "network.trr.mode". For example, "network.trr.mode=3" means that ONLY use DoH(TRR in Firefox), "network.trr.mode=2" means that use DoH first, and only if the name resolve fails use the native resolver as a fallback. The "network.trr.mode=2" meets my needs perfectly.

So how to enable the DoH feature and customize the strategy? Many thanks!

Brad Lassey

unread,
Aug 10, 2018, 9:08:17 AM8/10/18
to ocean...@gmail.com, Katharine Daly, net-dev
DoH can currently only be enabled by command line flags, which isn't particularly useful on Android. +Katharine Daly is working on exposing it via perfs.

-Brad

--
You received this message because you are subscribed to the Google Groups "net-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to net-dev+u...@chromium.org.
To post to this group, send email to net...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/net-dev/f328823b-fd7a-4b30-a6c8-afa7d97a344c%40chromium.org.

fbifido fbifido

unread,
Jan 2, 2019, 8:01:11 PM1/2/19
to net-dev, ocean...@gmail.com, da...@google.com
Any up-date on this?

Katharine Daly

unread,
Jan 3, 2019, 9:10:48 AM1/3/19
to fbifido fbifido, net-dev, ocean...@gmail.com
The flag is still the only way to enable DoH.  To use Cloudflare's DoH service, you can run Chrome with --enable-features="dns-over-https<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:server/https%3A%2F%2Fcloudflare-dns%2Ecom%2Fdns-query/method/POST".

Katharine Daly

unread,
Sep 3, 2019, 11:59:08 AM9/3/19
to fbifido fbifido, net-dev, ocean...@gmail.com
As a heads up, the DoH flags have changed for M78.  The flag is now called DnsOverHttps, and it has two parameters: Fallback (bool; indicates whether insecure queries should be used as fallback) and Templates (string; specifies the DoH templates to use).

To use Cloudflare’s DoH service via POST with fallback, you can run Chrome with --enable-features="DnsOverHttps<DoHTrial" --force-fieldtrials="DoHTrial/Group1" --force-fieldtrial-params="DoHTrial.Group1:Fallback/true/Templates/https%3A%2F%2Fcloudflare-dns.com%2Fdns-query"

sk57...@gmail.com

unread,
Nov 20, 2019, 4:41:39 PM11/20/19
to net-dev, ocean...@gmail.com

fbifido fbifido

unread,
Dec 2, 2019, 7:47:45 PM12/2/19
to sk57...@gmail.com, net-dev, ocean...@gmail.com
can anyone get all green using chrome & Cloudflare doh?


--
You received this message because you are subscribed to a topic in the Google Groups "net-dev" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/net-dev/offElT1V6cM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to net-dev+u...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/net-dev/f73c6d38-d651-4a09-96af-d2384f1e8fe6%40chromium.org.

ans...@gmail.com

unread,
May 31, 2020, 4:25:34 PM5/31/20
to net-dev, fbi...@gmail.com, ocean...@gmail.com, da...@google.com

cyri...@gmail.com

unread,
Jun 25, 2020, 7:51:13 PM6/25/20
to net-dev, fbi...@gmail.com, ocean...@gmail.com, da...@google.com
how do I do that on a windows 10 machine?

PhistucK

unread,
Jun 26, 2020, 2:31:30 AM6/26/20
to cyri...@gmail.com, net-dev, fbi...@gmail.com, ocean...@gmail.com, da...@google.com
Reply all
Reply to author
Forward
0 new messages