Setting up Cloudflared, the DNS-over-HTTPS client, the correct way

Step 1: add the repository, import GPG key and update apt cache

echo 'deb Buster main' |
tee /etc/apt/sources.list.d/cloudflare-main.list

curl -C - | apt-key add -

apt update

Step 2: install cloudflared

apt install cloudflared

Step 3: edit the config file at /etc/cloudflared/config.yml

proxy-dns: true

Some of the other DoH-ready servers are:


The use of DNS names such as or in DoH requests should be discouraged as you may run into ciruclar DNS lookup failures.

Step 4: create the service file manually at /etc/systemd/system/cloudflared.service

Description=Cloudflared DNS over HTTPS proxy

ExecStart=/usr/bin/cloudflared --config /etc/cloudflared/config.yml


Step 5: reload systemd process and start cloudflared daemon

systemctl daemon-reload
service cloudflared start

Step 6: update /etc/resolv.conf


At this point, you would have configured your system to resolve DNS via DoH.

Pages: 1 2


Leave a Reply