在 Win11 22H2 上启用 DoH 加密

Question 1

我也一直在寻找这个。您正在寻找以下注册表项：

HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\{InterfaceGuid}\DohInterfaceSettings\Doh\IPX.XXX.XXX.XXX

你必须设置的地方DohFlags重视1。

获取您的代码并将其与其他一些来源相结合，我得到了以下（有效的）PowerShell 脚本。在网络更改时使用计划任务运行此脚本足以在每个（新）接口上启用 DoH。

Add-DnsClientDohServerAddress -ServerAddress IP1.XXX.XXX.XXX -DohTemplate https://your.domain.from.dns.server/dns-query -errorAction SilentlyContinue
Add-DnsClientDohServerAddress -ServerAddress IP2.XXX.XXX.XXX -DohTemplate https://your.domain.from.dns.server/dns-query -errorAction SilentlyContinue


$i = Get-NetAdapter -Physical
$i | ForEach-Object {
Set-DnsClientServerAddress $_.InterfaceAlias -ServerAddresses "IP1.XXX.XXX.XXX","IP2.XXX.XXX.XXX"
$s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\IP1.XXX.XXX.XXX'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
$s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\IP2.XXX.XXX.XXX'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache;

将这些内容组合起来用于 Cloudflare DoH 可得到以下结果。您无需指定模板 (Add-DnsClientDohServerAddress)，因为 Cloudflare 模板已包含在 Windows 中（至少 11 22H2）。

$i = Get-NetAdapter -Physical
$i | ForEach-Object {
Set-DnsClientServerAddress $_.InterfaceAlias -ServerAddresses "1.1.1.1","1.0.0.1"
$s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.1.1.1'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
$s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.0.0.1'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache;

Answer

我也一直在寻找这个。您正在寻找以下注册表项：

HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\{InterfaceGuid}\DohInterfaceSettings\Doh\IPX.XXX.XXX.XXX

你必须设置的地方DohFlags重视1。

获取您的代码并将其与其他一些来源相结合，我得到了以下（有效的）PowerShell 脚本。在网络更改时使用计划任务运行此脚本足以在每个（新）接口上启用 DoH。

Add-DnsClientDohServerAddress -ServerAddress IP1.XXX.XXX.XXX -DohTemplate https://your.domain.from.dns.server/dns-query -errorAction SilentlyContinue
Add-DnsClientDohServerAddress -ServerAddress IP2.XXX.XXX.XXX -DohTemplate https://your.domain.from.dns.server/dns-query -errorAction SilentlyContinue


$i = Get-NetAdapter -Physical
$i | ForEach-Object {
Set-DnsClientServerAddress $_.InterfaceAlias -ServerAddresses "IP1.XXX.XXX.XXX","IP2.XXX.XXX.XXX"
$s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\IP1.XXX.XXX.XXX'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
$s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\IP2.XXX.XXX.XXX'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache;

将这些内容组合起来用于 Cloudflare DoH 可得到以下结果。您无需指定模板 (Add-DnsClientDohServerAddress)，因为 Cloudflare 模板已包含在 Windows 中（至少 11 22H2）。

$i = Get-NetAdapter -Physical
$i | ForEach-Object {
Set-DnsClientServerAddress $_.InterfaceAlias -ServerAddresses "1.1.1.1","1.0.0.1"
$s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.1.1.1'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
$s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.0.0.1'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache;

Question 2

两者皆可的解决方案IPv4和IPv6的Cloudflare DNS：

$i = Get-NetAdapter -Physical
$i | ForEach-Object {
    Set-DnsClientServerAddress -InterfaceAlias "$($_.InterfaceAlias)" -ServerAddresses "1.1.1.1","1.0.0.1"
    Set-DnsClientServerAddress -InterfaceAlias "$($_.InterfaceAlias)" -ServerAddresses "2606:4700:4700::1111","2606:4700:4700::1001"
    $s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.1.1.1'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.0.0.1'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s3 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh6\2606:4700:4700::1111'; New-Item -Path $s3 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s4 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh6\2606:4700:4700::1001'; New-Item -Path $s4 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache

Answer

两者皆可的解决方案IPv4和IPv6的Cloudflare DNS：

$i = Get-NetAdapter -Physical
$i | ForEach-Object {
    Set-DnsClientServerAddress -InterfaceAlias "$($_.InterfaceAlias)" -ServerAddresses "1.1.1.1","1.0.0.1"
    Set-DnsClientServerAddress -InterfaceAlias "$($_.InterfaceAlias)" -ServerAddresses "2606:4700:4700::1111","2606:4700:4700::1001"
    $s1 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.1.1.1'; New-Item -Path $s1 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s2 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh\1.0.0.1'; New-Item -Path $s2 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s3 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh6\2606:4700:4700::1111'; New-Item -Path $s3 -Force | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
    $s4 = 'HKLM:System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\' + $_.InterfaceGuid + '\DohInterfaceSettings\Doh6\2606:4700:4700::1001'; New-Item -Path $s4 -Force  | New-ItemProperty -Name "DohFlags" -Value 1 -PropertyType QWORD
}
Clear-DnsClientCache

在 Win11 22H2 上启用 DoH 加密

答案1

答案2

相关内容