It probably (I didn’t check the source code) sends an initial DNS request to the default DNS server (your network provider).
It’s harmless to your privacy, you’re just saying here: “Hey! I don’t trust your DNS service, I will use this one”. Further DNS requests won’t be caught by your provider.
Once again I didn’t check, but making a hostname mandatory probably means DoH (DNS over HTTPS) or DoT (DNS over TLS). Both provide excellent privacy.
I don’t know much about “Automatic”, maybe others do.
Oh, it is quite bad: privacy aside, it actually makes the usability of my desired DNS resolver dependent on the cooperation of the one asked to resolve its name. This fails if the DNS server I want to use does not have a DNS entry, or one not known to the “default DNS server”. And it also allows the “default DNS server” to redirect my future requests at his discretion.
I do know about DoH (DNS over HTTPS), this is not relevant here. I have a pretty useful private DNS resolver that can be found by its IP address, and I’d rather use that.
It’s the opposite of harmless. It is not possible to use NetGuard or similar apps thanks to lack of non-DoT preferences. So users have to rely on the default and the default of /e/ (backup DNS) is Google. An OS saying ‘degoogled’ implementing such lack of DNS possibilities is a bit non-credible. I opened an issue but they of course did not work on it yet.
And you are a bit naive. What you really say is: “Hey, I don’t trust your DNS service, so here is my IP address though I don’t want to provide it to you”.
The only advice I can give you is what I did to work around my problem as much as possible. I use NetGuard and I use SOCKS forwarding to Orbot. Additionally I installed personalDNSfilter and I forward all traffic on port 53 to the personalDNSfilter port (5300) and I configured it to use the DoT services I want. So I can use NetGuard for ad and tracking filtering, Tor for not revealing my IP and I can make use of DoT with my favourite DNS providers.
But you have to bite the bullet of using the VPN for either NetGuard or personalDNSfilter, so it can’t be used for other scenarios.
As I can see on your screenshot, it is a local network (LAN) IP address for your DNS.
Assuming you’re connecting with WiFi, you can set your WiFi connection to static IP, giving your DNS address, and set Private DNS to “Off”.
Not confirmed here about Google.
Setting my device to 4G only and Private DNS to “Off”, it will use my provider’s:
If this has to be done separately: How can the DNS server be changed
when using a cellular network?
That’s not the point. The point is, that every resolving of a DNS
name implies contacting a DNS server, which therefore gains the
knowledge when and which names are requested. Also, my question is
how to set the DNS server, not discussing about whether this should be