Skip to content

DoH Service

A unified DNS-over-HTTPS (DoH) resolver that forwards DNS queries to multiple upstream providers through a single HTTPS endpoint.
Supports Google, Cloudflare, Quad9, Aliyun internal DNS, and intelligent routing modes.

Access control

This service enforces network-level access control.

Test your connectivity:

1
curl -s https://doh.kubectl.net/-/access/test

Expected responses:

  • Access Allowed
  • Access Denied

For support or inquiries: dev@intellij.io

Resolver endpoints

Base URL:

1
https://doh.kubectl.net

Each resolver is accessed via:

1
/{vendor_id}/dns-query

Available providers

vendor_id path description
google /google/dns-query Google Public DNS DoH upstream, forwarding to https://8.8.8.8/dns-query
cloudflare /cloudflare/dns-query Cloudflare 1.1.1.1 DoH upstream, forwarding to https://1.1.1.1/dns-query
quad9 /quad9/dns-query Quad9 DoH upstream, forwarding to https://9.9.9.9/dns-query
random /random/dns-query Randomly selects Google, Cloudflare, or Quad9 for upstream resolution
direct /direct/dns-query Aliyun internal DNS, load-balanced between 100.100.2.136:53 and 100.100.2.138:53 by VPS location
aliyun /aliyun/dns-query Alias of direct for Aliyun internal DNS resolution
udp-dnspod /udp-dnspod/dns-query DNSPod UDP upstream 119.29.29.29:53, selected by VPS location
udp-wuhan /udp-wuhan/dns-query Wuhan-local load-balanced resolver using China Telecom, DNSPod, and AliDNS
diversion /diversion/dns-query Rule-based routing between domestic and foreign upstream resolvers
diversion-wuhan /diversion-wuhan/dns-query Wuhan-local rule-based routing between domestic and foreign upstream resolvers
diversion-vps /diversion-vps/dns-query VPS-location-aware rule-based routing between domestic and foreign upstream resolvers

List all vendor IDs programmatically:

1
curl -s https://doh.kubectl.net/api/doh/vendors

Notes

  • random and direct endpoints are managed internally for improved reliability.
  • diversion modes dynamically choose upstream resolvers based on domain geolocation rules.
  • All queries require HTTPS.
  • Fully compatible with RFC 8484 DoH binary or JSON query formats.
Resource Link Description
RFC 8484 — DNS over HTTPS https://datatracker.ietf.org/doc/html/rfc8484 Official DoH protocol specification
Google Public DNS DoH https://developers.google.com/speed/public-dns/docs/dns-over-https Google DoH usage documentation
Cloudflare DoH Docs https://developers.cloudflare.com/1.1.1.1/dns-over-https/ Cloudflare 1.1.1.1 DoH documentation
Quad9 DoH https://www.quad9.net/doh-quad9-dns/ Quad9 DoH service overview
IETF DoH Working Group https://datatracker.ietf.org/wg/doh/about/ IETF working group information