Enforced, encrypted, self-hosted DNS solution for Android devices
Did you know all internet addresses you browse on your Android mobile phone or tablet are resolved by Google DNS servers (
2001:4860:4860::8844) as plain-text traffic, and due to that, your ISP may also know your browsing or application use habits?
The newest Android versions have feature known as private DNS. However, it accepts and uses only domain names instead of raw IP addresses, so I wouldn't trust the feature too much. Quite obviously you can use VPN. However, you are dependent on an external VPN provider service - and you hardly get useful DNS query logs at all.
So, no use either for built-in private DNS feature or VPN. What then? My answer: use a self-hosted DNS server with encryption support, running on your Android tablet or phone. Enforce every single DNS query by Android applications via that server. How? Keep reading. You need a rooted Android device.