
You wouldn't. But Firefox and Chrome users might be happy to have this done for them.



Erm, how do you mean? DoH and DoWG have essentially the same security properties, no? With authoritative servers only responding in the clear, you have to trust some egress provider. If I'm understanding it correctly, the only use case for DoH is for end users that don't have a remote box to trust with their egress.

Which certainly is a worthy segment. It just seems like any DIY network setup would be orthogonal to that. And so there's no point addressing DoH on your local network unless you're trying to mitigate DoH's effects on e.g. ad blocking.


US ISPs are currently, actively, aggressively manipulating DNS. People shouldn't trust their ISP DNS. If they run normal DNS to a third-party resolver, their ISPs still see their queries. If they use DoH, they can't. If they use WireGuard, their ISP sees even less of their traffic, but WireGuard is harder to set up than DoH, which your browser will do for you.


Sure, but the post I was responding to was detailing how to set up your own DoH server, which is not so trivial.

I suppose you could set up an Internet-facing DoH server, and then point their routers (DHCP servers) at your new DoH server, rather than heavy-configuring their premise routers to use WireGuard. (Of course then you're installing your server as a point of failure, which is probably not what you want to do!)



