Routing DNSCrypt through the Tor network should, in theory, anonymize DNS queries. This configuration would result in the DNS resolver observing the IP address of the Tor exit node rather than my actual IP address, thus hiding my identity from the resolver. I’m not sure why the actual request to the site would go to the IP directly.
For implementing DNS over HTTPS (DoH) via Tor, I followed the guidelines from this GitHub repository and translated them into my current approach.
I’ve gone through DNSCrypt’s logs, but nothing really stood out. I’m a bit lost with Wireshark - there’s so much data even if I filter it by DNS or Tor Socks Port (From my relay).
While you asked about the basis for my conclusions, it’s worth noting that if the Tor proxy were working as intended, I would also anticipate a considerable increase in latency. There’s a huge difference when I enter https://one.one.one.one/help/ normally with "Use system proxy settings"
in my browser and when I enter it with a "Manual proxy configuration"
with the SOCKS Host set up
and "Proxy DNS when using SOCKS v5"
checked on.
The simplified sequence diagram really helps to picture it. I’ll PM you with the logs.