From ebba9c8ef5d688a402912f2d87ede1bf4ef0f7d7 Mon Sep 17 00:00:00 2001
From: Star Brilliant <coder@poorlab.com>
Date: Tue, 14 May 2019 01:13:06 +0800
Subject: [PATCH] Explain why ECS is disabled by some servers

---
 doh-client/doh-client.conf | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/doh-client/doh-client.conf b/doh-client/doh-client.conf
index 054b71f..ba69ebe 100644
--- a/doh-client/doh-client.conf
+++ b/doh-client/doh-client.conf
@@ -21,26 +21,20 @@ upstream_selector = "random"
 #    weight = 50
 
 ## CloudFlare's resolver, bad ECS, good DNSSEC
-#[[upstream.upstream_google]]
-#    url = "https://cloudflare-dns.com/dns-query"
-#    weight = 50
-
-## CloudFlare's resolver, bad ECS, good DNSSEC
-#[[upstream.upstream_google]]
-#    url = "https://1.1.1.1/dns-query"
-#    weight = 50
-
-# CloudFlare's resolver, bad ECS, good DNSSEC
+## ECS is disabled for privacy by design: https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/#edns-client-subnet
 [[upstream.upstream_ietf]]
     url = "https://cloudflare-dns.com/dns-query"
     weight = 50
 
 ## CloudFlare's resolver, bad ECS, good DNSSEC
+## ECS is disabled for privacy by design: https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/#edns-client-subnet
+## Note that some ISPs have problems connecting to 1.1.1.1, try 1.0.0.1 if problems happen.
 #[[upstream.upstream_ietf]]
 #    url = "https://1.1.1.1/dns-query"
 #    weight = 50
 
 ## Quad9's resolver, bad ECS, good DNSSEC
+## ECS is disabled for privacy by design: https://www.quad9.net/faq/#What_is_EDNS_Client-Subnet
 #[[upstream.upstream_ietf]]
 #    url = "https://9.9.9.9/dns-query"
 #    weight = 50