AdguardTeam
Add "Cloudflare Resolver for Firefox" to the providers list
Cloudflare has a second DNS (https://mozilla.cloudflare-dns.com/dns-query) server that only answers DNS-over-HTTPS requests. This is the server Mozilla is pushing to become default in Firefox, and it has a stricter privacy policy.
These are the data Cloudflare DNS keeps permanently (don't read, just look at the length):
- Total number of queries with different protocol settings (e.g tcp/udp/dnssec) by Cloudflare PoP
- Response code/time quantiles with different protocol settings by Cloudflare PoP
- Total Number of Requests Processed by Cloudflare PoP
- Aggregate List of All Domain Names Requested, and timestamp of first time requested
- Number of unique users, queries over IPv4, queries over IPv6, queries with the RD bit set, queries asking for DNSSEC, number of bogus, valid, and invalid DNSSEC answers, queries by type, number of answers with each response code, response time quantiles (e.g. 50 percentile), and number of cached answers per minute, per day, per protocol (HTTPS/UDP/TCP/TLS), per Cloudflare data center, and per Autonomous System Number.
- Number of queries, number of queries with EDNS, number of bytes and time in answers quantiles (e.g. 50 percentile) by day, month, Cloudflare data center, and by IPv4 vs IPv6.
- Number of queries, response codes and response code quantiles (e.g. 50 percentile) by day, region, name and type.
On the other hand, here are the data Cloudflare Resolver for Firefox keeps permanently:
- Total number of requests processed by each Cloudflare co-location facility
- Aggregate list of all domain names requested
- Samples of domain names queried along with the times of such queries
Here is the FAQ page for the Cloudflare resolver and Cloudflare-Mozilla resolver.
Therefore I believe Cloudflare Resolver for Firefox deserves to be in the list next to Cloudflare DNS.
{
"name": "Cloudflare DNS for Firefox",
"logo": "ic_cloudflare_provider_logo",
"summary": "cloudflare_firefox_dns_description",
# Cloudflare's high performance DNS with Mozilla's strict privacy requirements
"protocols": [
"doh"
],
"features": [
"no_logs"
],
"website": "https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/",
"servers": [
{
"protocol": "doh",
"anycast": true,
"id": "cloudflare-firefox",
"name": "cloudflare",
"upstreams":[
"https://mozilla.cloudflare-dns.com/dns-query"
]
}
]
}
Secondly (a completely different issue), please change
{
"protocol": "doh",
"anycast": true,
"id": "cloudflare",
"name": "cloudflare",
"upstreams":[
"https://dns.cloudflare.com/dns-query"
]
},
to
{
"protocol": "doh",
"anycast": true,
"id": "cloudflare",
"name": "cloudflare",
"upstreams":[
"https://1.1.1.1/dns-query",
"https://1.0.0.1/dns-query",
"https://cloudflare-dns.com/dns-query"
]
},
as suggested on this page:
You can use numeric addresses, to avoid circular dependency on system resolver.
proxy-dns-upstream: - https://1.1.1.1/dns-query - https://1.0.0.1/dns-query
Thirdly, this is not very important, so feel free to disagree. My suggestion is to add all addresses to Cloudflare DNS:
"protocol": "dns",
"id": "cloudflare-dns",
"name": "Cloudflare",
"upstreams":[
"1.1.1.1",
"1.0.0.1"
]
},
to
"protocol": "dns",
"id": "cloudflare-dns",
"name": "Cloudflare",
"upstreams":[
"1.1.1.1",
"1.0.0.1",
"2606:4700:4700:0:0:0:0:1111",
"2606:4700:4700:0:0:0:0:1001"
]
},
and same for Google too.
Thanks ! If it's useful for you, I'd gladly open a pull request.
