Cloudflare Enablement
1.1.1.1
Testing
GitHub icon
Edit this page on GitHub
Set theme to dark (⇧+D)
  1. Products
  2. 1.1.1.1 (DNS Resolver)
  3. ...
  4. DNS over HTTPS
  5. Connect to 1.1.1.1 using DoH clients

Connect to 1.1.1.1 using DoH clients

There are several DoH clients you can use to connect to 1.1.1.1.

​​ cloudflared

  1. Download and install the cloudflared daemon.

  2. Verify that the cloudflared daemon is installed by entering the following command:

  3. Start the DNS proxy on an address and port in your network. If you do not specify an address and port, it will start listening on localhost:53. DNS (53) is a privileged port, so for the initial demo we will use a different port:

  4. You can verify that cloudflared is running using a dig, kdig, host, or any other DNS client.

  5. Run cloudflared as a service so it starts on user login. On many Linux distributions, this can be done with:

  6. Change your system DNS servers to use 127.0.0.1. On Linux, you can modify /etc/resolv.conf:

  7. Finally, verify it locally with:

​​ DNSCrypt-Proxy

The DNSCrypt-Proxy 2.0+ supports DoH out of the box. It supports both 1.1.1.1 and other services. It also includes more advanced features, such as load balancing and local filtering.

  1. Install DNSCrypt-Proxy .

  2. Verify that dnscrypt-proxy is installed and the version is 2.0 or later:

  3. Set up the configuration file using the official instructions , and add cloudflare and cloudflare-ipv6 to the server list in dnscrypt-proxy.toml:

  4. Make sure that nothing else is running on localhost:53, and check that everything works as expected:

  5. Register it as a system service according to the DNSCrypt-Proxy installation instructions .