Re: Windows Server
Think this is the key point, if your ISP wants to force you to use their DNS server at the moment, it's easy for them to limit port 53 to just their DNS servers? Same would apply to DoT on port 853.
DoH being mingled in with https means they need to block a (huge) list of alternative DoH servers.
What's NOT broken (if your ISP router gets DoH support, or you can do the same at the OS level) is the ability to force your DNS client to use Cisco Umbrella or similar DNS filtering service or EVEN use the ISP's own DNS filtering servers - which will no doubt be the default setup for many ISPs anyway?