You need to use an IP address (as opposed to FQDN) for DNS because when your computer starts up, it won't be able to resolve the FQDN to do DNS lookups.
Cloudflare's DNS over TLS famously uses the IP address 1.1.1.1: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-tls/
My computer uses unencrypted DNS and sends the queries to my router. My router does the encryption for forwarded DNS queries sent to the internet. There's no need to encrypt DNS traffic in a LAN unless you don't trust this LAN. The WAN (internet) is where evil people try to snoop on you.
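
An added example, not part of the post above: a small Python check that flags encrypted-DNS upstream entries which would hit the bootstrap problem the post describes. It assumes upstreams are written in the Unbound-style `address[@port][#tls-auth-name]` notation; the function names and the sample entries are constructed for illustration.

```python
import ipaddress

DOT_PORT = 853  # DNS over TLS port (RFC 7858)


def check_upstream(entry: str) -> dict:
    """Parse one 'address[@port][#tls-auth-name]' entry and list its problems."""
    addr_port, _, auth_name = entry.strip().partition("#")
    addr, _, port_text = addr_port.partition("@")
    port = int(port_text) if port_text else DOT_PORT
    problems = []
    try:
        # The forwarder must reach its upstream before any DNS works,
        # so the address has to be an IPv4/IPv6 literal, not an FQDN.
        ipaddress.ip_address(addr)
    except ValueError:
        problems.append("hostname upstream: resolving it needs DNS that is not up yet")
    if not auth_name:
        # Assumption of this notation: without a name after '#', the forwarder
        # has no name to check the server certificate against.
        problems.append("no TLS auth name given for certificate verification")
    if port == 53:
        problems.append("port 53 is plain DNS; DNS over TLS listens on 853")
    return {"address": addr, "port": port,
            "auth_name": auth_name or None, "problems": problems}


def lint_upstreams(entries):
    """Return only the entries that have at least one problem."""
    checked = (check_upstream(e) for e in entries)
    return [c for c in checked if c["problems"]]


# Constructed sample configuration lines (not taken from the post).
SAMPLE = [
    "1.1.1.1@853#cloudflare-dns.com",               # IP literal plus auth name
    "2606:4700:4700::1111@853#cloudflare-dns.com",  # IPv6 literal plus auth name
    "one.one.one.one@853#one.one.one.one",          # FQDN: bootstrap deadlock
    "1.1.1.1",                                      # IP literal, no auth name
]

if __name__ == "__main__":
    for bad in lint_upstreams(SAMPLE):
        print(bad["address"], "->", "; ".join(bad["problems"]))
```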