Question Wireless Routers That Natively Support DNS over DoH

Toggle sidebar Toggle sidebar
privatemike

privatemike

Aug 8, 2024
4
0
10
Has anyone compiled, or failing that, know of a list of consumer grade wireless routers that natively support DNS over DoH? Searching through the plethora of manufactures and models feels like an exercise in futility.
Thanks in advance,
Mike
 
Sort by date Sort by votes
L

lantis3

Distinguished
Nov 5, 2015
540
82
18,970
Copilot

Sent by Copilot:​

Sure! Here are some models from ASUS, D-Link, eero, Netgear, and TP-Link that support DNS over HTTPS (DoH):

ASUS Routers​

  1. ASUS RT-AX88U
  2. ASUS RT-AX86U
  3. ASUS RT-AX82U
  4. ASUS RT-AX58U
  5. ASUS RT-AX55
  6. ASUS RT-AX56U
  7. ASUS RT-AX92U
  8. ASUS ZenWiFi AX (XT8)
  9. ASUS ZenWiFi AX Mini (XD4)
  10. ASUS ROG Rapture GT-AX11000

D-Link Routers​

  1. D-Link DIR-3060
  2. D-Link DIR-2660
  3. D-Link DIR-1960
  4. D-Link DIR-878
  5. D-Link DIR-882
  6. D-Link DIR-867
  7. D-Link DIR-853
  8. D-Link DIR-825
  9. D-Link DIR-822
  10. D-Link DIR-819

eero Routers​

  1. eero Pro 6
  2. eero 6
  3. eero Pro
  4. eero Beacon
  5. eero 6+
  6. eero Pro 6E
  7. eero 6 Extender
  8. eero Secure
  9. eero Secure+
  10. eero Mesh WiFi Router

Netgear Routers​

  1. Netgear Nighthawk AX12 (RAX120)
  2. Netgear Nighthawk AX8 (RAX80)
  3. Netgear Nighthawk AX6 (RAX50)
  4. Netgear Nighthawk AX4 (RAX40)
  5. Netgear Nighthawk AX1800 (RAX20)
  6. Netgear Nighthawk AX5400 (RAX50S)
  7. Netgear Nighthawk AX6000 (RAX80S)
  8. Netgear Nighthawk AX6600 (RAX70)
  9. Netgear Orbi WiFi 6 (RBK852)
  10. Netgear Orbi Pro WiFi 6 (SXK80)

TP-Link Routers​

  1. TP-Link Archer AX6000
  2. TP-Link Archer AX50
  3. TP-Link Archer AX55
  4. TP-Link Archer AX73
  5. TP-Link Archer AX90
  6. TP-Link Archer AX20
  7. TP-Link Archer AX10
  8. TP-Link Deco X60
  9. TP-Link Deco X20
  10. TP-Link Deco X68
 
Last edited:
Upvote 0 Downvote
privatemike

privatemike

Aug 8, 2024
4
0
10
lantis3 said:
Copilot

Sent by Copilot:​

Sure! Here are some models from ASUS, D-Link, eero, Netgear, and TP-Link that support DNS over HTTPS (DoH):

ASUS Routers​

  1. ASUS RT-AX88U
  2. ASUS RT-AX86U
  3. ASUS RT-AX82U
  4. ASUS RT-AX58U
  5. ASUS RT-AX55
  6. ASUS RT-AX56U
  7. ASUS RT-AX92U
  8. ASUS ZenWiFi AX (XT8)
  9. ASUS ZenWiFi AX Mini (XD4)
  10. ASUS ROG Rapture GT-AX11000

D-Link Routers​

  1. D-Link DIR-3060
  2. D-Link DIR-2660
  3. D-Link DIR-1960
  4. D-Link DIR-878
  5. D-Link DIR-882
  6. D-Link DIR-867
  7. D-Link DIR-853
  8. D-Link DIR-825
  9. D-Link DIR-822
  10. D-Link DIR-819

eero Routers​

  1. eero Pro 6
  2. eero 6
  3. eero Pro
  4. eero Beacon
  5. eero 6+
  6. eero Pro 6E
  7. eero 6 Extender
  8. eero Secure
  9. eero Secure+
  10. eero Mesh WiFi Router

Netgear Routers​

  1. Netgear Nighthawk AX12 (RAX120)
  2. Netgear Nighthawk AX8 (RAX80)
  3. Netgear Nighthawk AX6 (RAX50)
  4. Netgear Nighthawk AX4 (RAX40)
  5. Netgear Nighthawk AX1800 (RAX20)
  6. Netgear Nighthawk AX5400 (RAX50S)
  7. Netgear Nighthawk AX6000 (RAX80S)
  8. Netgear Nighthawk AX6600 (RAX70)
  9. Netgear Orbi WiFi 6 (RBK852)
  10. Netgear Orbi Pro WiFi 6 (SXK80)

TP-Link Routers​

  1. TP-Link Archer AX6000
  2. TP-Link Archer AX50
  3. TP-Link Archer AX55
  4. TP-Link Archer AX73
  5. TP-Link Archer AX90
  6. TP-Link Archer AX20
  7. TP-Link Archer AX10
  8. TP-Link Deco X60
  9. TP-Link Deco X20
  10. TP-Link Deco X68
Click to expand...
Thank you copilot. Exactly what I hoped for. Take Care
 
Upvote 0 Downvote
privatemike

privatemike

Aug 8, 2024
4
0
10
bill001g said:
I tend to always run this on end client. The routers cache function no matter if it uses HTTPS or not tends to be flaky.
Click to expand...
bill001g, if I understand your reply correctly, enabling DNS over HTTPS (DoH) within Windows 11 Pro will achieve the same on-line security benefits without having to purchase a new router. Yes? / No?
I apologize in advance for my shallow knowledge; it's a generational thing. Mike
 
Upvote 0 Downvote
B

bill001g

Titan
Aug 9, 2012
28,755
2,891
125,640
Yes you can just use the features in the OS. In theory it is slightly more secure because it is end to end. When you use a router the dns is not secure on your lan....hard to say if that really is a true exposure.

The larger issue I have is dns on routers cause all kinds of strange issue. The theory has been that the router could cache dns results but that does not always work well and modern data centers are using DNS to load balance so you can get different IP at times. It also is dependant on the router firmware being smart and not causing too much cpu load.
I tend to use my router purely to do the NAT function.

The only time I could see it advantage to use the router as a DNS is if you have a device that does not support encrypted dns.
 
Upvote 0 Downvote
privatemike

privatemike

Aug 8, 2024
4
0
10
bill001g said:
Yes you can just use the features in the OS. In theory it is slightly more secure because it is end to end. When you use a router the dns is not secure on your lan....hard to say if that really is a true exposure.

The larger issue I have is dns on routers cause all kinds of strange issue. The theory has been that the router could cache dns results but that does not always work well and modern data centers are using DNS to load balance so you can get different IP at times. It also is dependant on the router firmware being smart and not causing too much cpu load.
I tend to use my router purely to do the NAT function.

The only time I could see it advantage to use the router as a DNS is if you have a device that does not support encrypted dns.
Click to expand...
Awesome to know bill001g. Enabling this feature looks straight forward. Would you consider it "good practice" to clear all browsing history and cookies ect from each configured device after implementing just to be sure?
 
Upvote 0 Downvote
B

bill001g

Titan
Aug 9, 2012
28,755
2,891
125,640
Makes no difference. All that dns does is convert a name to a ip address. The pc then only uses the IP address. In many cases the pc also has a cache someplace for that information that it keeps for a very short period of time so it doesn't constantly ask the DNS server. This is at the OS level it is not the browser.

The only complexity is many browser now have the ability to override the DNS. This was very useful for the year or more before microsoft added encrypted DNS to the OS. The problem now is you have to make sure that the browser is not over riding since you can set the browser to use a non encrypted dns server even when the OS is set to use one. Pretty much more places to make a big mess of stuff if you are not careful what you change.

Browser history is the names of the sites it does not keep of what IP it resolves to. This again is because the IP addresses can change a lot. Do nslookup www.google.com
You will see a list of IP and the order can change everytime you do the command. It also likley changes if you use different DNS servers.

A so called web "server" is no longer just in one location or one physical machine.
 
Upvote 0 Downvote
kanewolf

kanewolf

Titan
Moderator
May 29, 2013
37,786
3,452
156,790
privatemike said:
Has anyone compiled, or failing that, know of a list of consumer grade wireless routers that natively support DNS over DoH? Searching through the plethora of manufactures and models feels like an exercise in futility.
Thanks in advance,
Mike
Click to expand...
If you want that much control over DNS, then use something like PIHole, IMO. Remove the router from the equation so that you can buy the best router.
 
Upvote 0 Downvote
kanewolf

kanewolf

Titan
Moderator
May 29, 2013
37,786
3,452
156,790
Upvote 0 Downvote
L

lantis3

Distinguished
Nov 5, 2015
540
82
18,970
OP does not have to buy a new router just for DoH, been pointed out above by others.

OP can either set the DNS over HTTPS at OS level

View: https://www.youtube.com/watch?v=AXlU0D7V5pc


or install a local open source Windows DNS server - Technitinum if OP does not want to setup Pi-Hole which requires a standalone DNS running on another machine - ARM or x86 based SOC for example.

Technitium will let you see a lot more info about what's going on with your queries.

in the Technitium settings sets the dns forwarder you want to use and choose DNS over HTTPS

Personally I don't use DoH though.

nMsC1b5.png
 
Last edited:
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom