DNS over HTTPS (DoH) proxy setup

A cheat sheet to install DoH support on OSX.

Installation

Add cloudflared via brew

brew install cloudflare/cloudflare/cloudflared

Create the default config YAML

$ mkdir -p /usr/local/etc/cloudflared
cat << EOF > /usr/local/etc/cloudflared/config.yml
proxy-dns: true
proxy-dns-upstream:
 - https://1.1.1.1/dns-query
 - https://1.0.0.1/dns-query
EOF

Create the service with sudo in order to bind to port 53

sudo cloudflared service install

Starting the service

If installed with sudo, start manually with sudo (else with start automatically at bootup)

$ sudo launchctl start com.cloudflare.cloudflared
INFO[0000] Installing Argo Tunnel client as a system launch daemon. Argo Tunnel client will run at boot
INFO[0000] Outputs are logged to /Library/Logs/com.cloudflare.cloudflared.err.log and /Library/Logs/com.cloudflare.cloudflared.out.log

Update your resolver preferences

System Preferences -> Network -> Advanced -> DNS

Add: 127.0.0.1 as the primary (and preferably only) resolver

Testing

dig +short @127.0.0.1 cloudflare.com AAAA
2400:cb00:2048:1::c629:d6a2
2400:cb00:2048:1::c629:d7a2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DNS over HTTPS (DoH) proxy setup

Installation

Starting the service

Update your resolver preferences

Testing

FilesExpand file tree

DoH.md

Latest commit

History

DoH.md

File metadata and controls

DNS over HTTPS (DoH) proxy setup

Installation

Starting the service

Update your resolver preferences

Testing