The future of DNS is encryption


#1

I love the feature that lets the router force all attached devices to use the DNS servers the router is configured with. However, as I understand it, this is done by watching and/or intercepting UDP port 53, and DNS is changing.

DNS over TLS uses port 853. If this traffic is redirected or otherwise managed to use the router's DNS servers rather than the DNS servers requested by the attached device, then great, the router remains in charge. However, this may also take an encrypted DNS request and transform it to not be encrypted. Every coin has two sides.

The other new DNS encryption scheme, DNS over HTTPS, uses port 443, so it's not clear if the router can force that traffic to use the DNS servers in the router, even if it wanted to.

Any idea what Peplink is planning or doing regarding these new encrypted DNS approaches?
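
The port distinction raised in the post, as an added example that is not part of the original post and not Peplink's implementation: a classifier showing what a router can tell about DNS traffic from the transport header alone. The function names, labels, resolver list and sample flows are assumptions constructed for illustration.

```python
from ipaddress import ip_address

# Assumption: a small illustrative list of public resolver addresses that also
# answer DNS over HTTPS. A real deployment would need a maintained list.
KNOWN_DOH_RESOLVERS = {ip_address(a) for a in ("1.1.1.1", "8.8.8.8", "9.9.9.9")}

def classify_flow(proto, dst_ip, dst_port):
    """Label a flow using only what is visible without decrypting anything."""
    proto = proto.lower()
    dst = ip_address(dst_ip)
    if dst_port == 53 and proto in ("udp", "tcp"):
        return "plain-dns"      # unencrypted; identifiable by port alone
    if dst_port == 853 and proto == "tcp":
        return "dot"            # DNS over TLS; dedicated port, encrypted payload
    if dst_port == 443 and dst in KNOWN_DOH_RESOLVERS:
        return "possible-doh"   # shares the port with all HTTPS; only the address hints
    if dst_port == 443:
        return "https-opaque"   # DoH to an unlisted server looks like any web traffic
    return "other"

def summarize(flows):
    """Count flows per label."""
    counts = {}
    for proto, dst_ip, dst_port in flows:
        label = classify_flow(proto, dst_ip, dst_port)
        counts[label] = counts.get(label, 0) + 1
    return counts

# Constructed sample flows: (protocol, destination IP, destination port).
SAMPLE_FLOWS = [
    ("udp", "8.8.8.8", 53),
    ("tcp", "192.0.2.10", 53),
    ("tcp", "1.1.1.1", 853),
    ("tcp", "1.1.1.1", 443),
    ("tcp", "198.51.100.7", 443),
    ("tcp", "203.0.113.5", 22),
]

if __name__ == "__main__":
    for label, n in sorted(summarize(SAMPLE_FLOWS).items()):
        print(f"{label}: {n}")
```

Ports 53 and 853 identify DNS on their own, while on port 443 the only signal is the destination address, so a DoH server missing from the list falls into `https-opaque`.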