Using anycast IP address instead of domain name
Greetings, many users including me have problems at the initiating stage of DoH:
- When the local DNS is blocking dns.nextdns.io;
- When the local DNS is out of reach, e.g. when combined with a VPN service.
This is especially a problem after the Ultra-Low-Latency feature. To solve this once and for all, I recommend using an anycast IP with a TLS cert (like https://188.8.131.52) instead of the domain name dns.nextdns.io in any case, or at least for the initiating stage of Ultra-Low-Latency.
If you decide to adopt this only for Ultra-Low-Latency, there's not even a need to buy a TLS cert for your IP. You can just use a self-signed cert and pin it into your apps :)
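The pinning approach proposed in the post above could look like the following client-side sketch. It is an added example, not part of the original post and not NextDNS code; the address 192.0.2.53, the function names and the sample "certificate" bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-in for the DER bytes of a self-signed bootstrap cert.
CONSTRUCTED_CERT = b"constructed stand-in for DER certificate bytes"
# A real app ships hard-coded hex digests (current cert plus a backup for
# rotation); the digest is computed here only to keep the example self-contained.
PINS = {hashlib.sha256(CONSTRUCTED_CERT).hexdigest()}
BOOTSTRAP_IP = "192.0.2.53"  # placeholder from the documentation range


def cert_matches_pin(der_cert: bytes, pins) -> bool:
    """True if SHA-256 of the presented certificate equals any pinned digest."""
    digest = hashlib.sha256(der_cert).hexdigest()
    normalized = (p.lower().replace(":", "") for p in pins)
    # Check every pin with a constant-time comparison.
    return any([hmac.compare_digest(digest, p) for p in normalized])


def pinned_context() -> ssl.SSLContext:
    """TLS context for a self-signed cert: CA and hostname checks are off,
    so the pin comparison is the only authentication of the server."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = False  # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def open_pinned(ip: str, pins, port: int = 443, timeout: float = 5.0):
    """Connect to the IP with no DNS lookup; refuse the session unless the
    server certificate matches a pin. Returns the TLS socket on success."""
    sock = socket.create_connection((ip, port), timeout=timeout)
    try:
        tls = pinned_context().wrap_socket(sock)  # no SNI: there is no name
        der = tls.getpeercert(binary_form=True)
        if der is None or not cert_matches_pin(der, pins):
            raise ssl.SSLError("server certificate does not match any pin")
        return tls  # only now is it safe to send the DoH request
    except Exception:
        sock.close()
        raise
```

Because the pin replaces CA validation entirely, a request must never be sent before the pin check passes, and shipping a backup pin avoids locking clients out when the certificate is rotated.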