Gary_Dexter
Senior Member
Cisco Umbrella has recently announced that OpenDNS (and Umbrella) now supports DoT using the standard DNS servers and host names.
I’ve tested this on my AC2900 running Merlin 386.5 and can confirm it’s working as expected.
Now if only they would add the option to enforce Safe Search on search engines (like I believe their Enterprise Umbrella offering does…)
https://umbrella.cisco.com/blog/enhancing-support-dns-encryption-with-dns-over-https
Using DNS over TLS (DoT) With Cisco Umbrella
While adding support for DNS over HTTPS directly to our core resolvers enabled our users to take advantage of DNS encryption better, it also provides an additional benefit. We can now handle TLS connections and support DNS over TLS natively in the core resolvers. We’re thrilled to announce that, as of January 28, 2022, support for DoT is live on all Umbrella resolvers globally.

Like DoH, DoT is an IETF standard for performing DNS queries over a secure, encrypted channel. Unlike DoH, however, DoT uses a dedicated port (TCP/853) for its connections. Clients that support DoT will check if their DNS server supports DoT. If it doesn’t, clients will fall back to regular unencrypted DNS (sometimes called Do53). Thus, configuration for DoT is typically just a matter of enabling it in a supported client.