I present an alternative way to use Pi-hole outside the home network by leveraging Encrypted DNS (aka DNS-over-TLS and DNS-over-HTTPS) instead of the usual VPN.
A big problem for me is, that Android is not allowing custom DoT servers. Even though the system supports DoH and is even using it for their built in resolver (Google/cloud flare)
Networks that only whitelist TCP 433 (some guest wifis) will fail to use DoT.
I believe you swapped DoT (TLS, port 853) and DoH (HTTPS) in your message. I have yet to be in a network that restricts port 853, but if I could I would rather use DoH on Android.
A big problem for me is, that Android is not allowing custom DoT servers. Even though the system supports DoH and is even using it for their built in resolver (Google/cloud flare) Networks that only whitelist TCP 433 (some guest wifis) will fail to use DoT.
I believe you swapped DoT (TLS, port 853) and DoH (HTTPS) in your message. I have yet to be in a network that restricts port 853, but if I could I would rather use DoH on Android.