Do I really have to worry about encrypted DNS like DNS over HTTPS (DoH) in iOS 18?

Hi!


I would like to know if I really have to worry about encrypted DNS in iOS 18.


For those not familiar with this subject, "DNS is the phonebook of the Internet". That quote is from DNS over TLS vs. DNS over HTTPS | Secure DNS | Cloudflare. The article also discusses the formats of encrypted DNS.


I want to have encrypted DNS because it assures me that my devices are fetching information from "my" trustworthy phonebook. Technically, encrypted DNS involves authentication, the same kind of protection we take for granted when we are buying stuff from any respectable online retailer or performing financial transactions.


See, I am not here to learn how to set up encrypted DNS on my iPhone. I know that it is possible to have encrypted (and authenticated!) DNS in many ways in iOS 18. For instance, I can install an app like 1.1.1.1 from Cloudflare (free on the App Store) or I can install a (text) configuration profile like the ones available in

https://github.com/paulmillr/encrypted-dns via Settings/General/VPN.


Coming back to my opening question, since Apple has embedded many privacy-related technologies like Private Relay, perhaps Apple has already been using encrypted DNS by default and we are not aware of it. Even more, they may have a partnership with some cloud provider like Cloudflare for such a purpose, so they do not rely on any ISP for that.


That is the reason why I am asking, "do I really have to worry about encrypted DNS like DNS over HTTPS (DoH) in iOS 18?"



Thank you!






Posted on Jan 30, 2025 05:56 PM

Question marked as Top-ranking reply

Posted on Jan 30, 2025 07:06 PM

I would suggest that using Apple's Private Relay is an excellent tool in terms of privacy. If that is what you want from it, then I doubt that there is a better alternative, considering that it's a native solution and you are already putting trust in the associated Apple OS, so you may as well use it.


One consideration is that another great feature of using an alternative DNS provider (over DoH) is for content blocking. DNS providers that provide blocking capabilities (e.g. NextDNS, Mullvad, and many others) allow either a simple level of blocking (e.g. malware and ads), or highly customizable blocking if you have created an account. NextDNS for example allows tremendous control of crowdsourced heuristics based blocking, custom domain blocking, and even the ability to add well-maintained block lists such as OISD, AdGuard, HaGeZi, and dozens of other lists depending on how aggressive you want your block list.


It's unfortunate but true that the modern web is no longer a safe or enjoyable place without some level of blocking of resources. By using DNS to do so, the worst of unwanted resources are effectively neutralized prior to even reaching your device. In that way, any additional filters applied at a browser level (e.g. uBlock Origin) only need to pick up the remaining slack, which helps with performance.


These are just some thoughts based on my own experimentation and preferences. It is however unfortunate that you cannot use a custom DoH provider and Private Relay both. You need to choose the one that best meets your personal needs.

3 replies

Jan 31, 2025 01:40 PM in response to FishingAddict

Hi @FishingAddict!

You are fully correct!


See, I really like those DNS services which provide some sort of protection against malware like OpenDNS for Families and 1.1.1.1 for Families. NextDNS goes beyond that and allows customization by the user (i.e., us!).


I have already used the app 1.1.1.1 (from Cloudflare) in iOS, (Ubuntu-based) Linux Mint and Windows 10. But it is an overkill solution for those like me who just want to have the DNS queries authenticated.


I really mind my own privacy. Private Relay is nearly a Tor solution when coupled with Safari. But I am also concerned about the quality of the DNS information. "Someone" impersonating a DNS provider could redirect me to a fake site. And I am considering here all the apps running on my iPhone. Private Relay seems tightly linked to Safari only. Microsoft Edge, for instance, does not take advantage of Private Relay. Hence, the authentication provided by encrypted DNS is paramount.


A configuration profile is installed on my iPhone which "teaches" iOS to use DoH from Cloudflare. I no longer rely on any app. But it feels to me I am doing something not needed at all. I believe that Apple has this subject (encrypted DNS) already covered. It is simply unknown to us.


And yes, I hate crippling my devices with unneeded apps, LOL!



Feb 1, 2025 03:22 PM in response to Sandro71

I agree with you as well. I am also an app minimalist and like to do what I can within reason to improve upon my privacy and security.


I did some testing today because when Private Relay was first added to macOS and iOS, it was incompatible with NextDNS (and likely other DoH providers). However, after some reading today I found that it is now somewhat compatible. I have tested in iOS and now seem to be able to use both, which is great. It appears that using the NextDNS app in conjunction with Private Relay works as expected in Safari on iOS. When I look at my NextDNS account in Safari iOS, it confirms that I am using the correct account profile. I can also add a site to my NextDNS Denylist and it's blocked in Safari iOS. So NextDNS is functioning as expected in terms of blocking. In addition, when I check my public IP address in Safari iOS it shows an IP from a city in my time zone but hundreds of miles away (per my Private Relay settings). So, Private Relay also seems to be working correctly.


This seems to be the best of both worlds for everyday use -- some privacy through Private Relay, and blocking through the use of NextDNS or other DoH account provider.


I did find a post by NextDNS that states "When Apple Private Relay is enabled, your DNS actually becomes Cloudflare (or Akamai/Fastly). When a DNS mobile configuration is used, we (NextDNS) convinced Apple to also check the DNS resolver of the mobile configuration in parallel. The result of the DNS request is ignored, unless it returns a blocking response, in which case the whole DNS resolution is blocked." Therefore, you are actually making two DNS requests, but the one to the DoH profile server is simply to determine whether to block, and if not, then Cloudflare DNS is actually providing resolution per the functionality of Private Relay (which I am fine with). One functional casualty of this arrangement is that a few features like custom DNS block pages and any redirects no longer work, but blocking does function.


So, for now, I'm leaving both enabled for typical everyday browsing in Safari iOS.
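The "parallel check" behaviour quoted from NextDNS above, modelled as an added Python example that is not code from the thread, from Apple or from NextDNS. It builds RFC 1035 wire-format DNS messages, parses them, and applies the described rule: the relay resolver's answer is used unless the profile resolver returns a blocking response. What counts as "blocking" here is an assumption (NXDOMAIN, or an A record pointing at a sinkhole such as 0.0.0.0, which is what most filtering resolvers return); all queries and replies are constructed inline so nothing touches the network.

```python
import socket
import struct

# Assumption: filtering resolvers signal a block with NXDOMAIN or a sinkhole address.
BLOCK_SINKHOLES = {"0.0.0.0", "127.0.0.1"}


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Wire-format DNS query (RFC 1035): header, QNAME labels, QTYPE, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def _read_name(msg: bytes, off: int):
    """Decode a possibly-compressed name; return (name, offset after the field)."""
    labels, end, jumped = [], off, False
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:  # compression pointer (11xxxxxx)
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2
            jumped, off = True, ptr
            continue
        off += 1
        if ln == 0:
            if not jumped:
                end = off
            return ".".join(labels), end
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln


def parse_response(msg: bytes) -> dict:
    """Return the transaction id, RCODE and A-record answers of a DNS response."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):            # skip the question section
        _, off = _read_name(msg, off)
        off += 4                   # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        _, off = _read_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        answers.append(socket.inet_ntoa(rdata) if rtype == 1 and rdlen == 4 else rdata.hex())
    return {"id": txid, "rcode": flags & 0x000F, "answers": answers}


def is_blocking_response(msg: bytes) -> bool:
    """Assumed block signal: NXDOMAIN (RCODE 3) or an A record to a sinkhole."""
    r = parse_response(msg)
    return r["rcode"] == 3 or any(a in BLOCK_SINKHOLES for a in r["answers"])


def resolve_with_parallel_check(relay_reply: bytes, profile_reply: bytes):
    """The quoted rule: profile resolver's answer is ignored unless it blocks,
    in which case the whole resolution is dropped; otherwise use the relay's answer."""
    if is_blocking_response(profile_reply):
        return None
    return parse_response(relay_reply)["answers"]


def build_response(query: bytes, rcode: int = 0, a_records=()) -> bytes:
    """Constructed helper: answer the given query with A records via a name pointer to offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180 | rcode, 1, len(a_records), 0, 0)  # QR, RD, RA
    rrs = b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)
        for ip in a_records
    )
    return header + question + rrs


# Constructed sample traffic: the relay resolver always answers honestly;
# the profile resolver either allows, sinkholes, or returns NXDOMAIN.
QUERY = build_query("ads.example.test")
RELAY_REPLY = build_response(QUERY, a_records=("203.0.113.10",))
PROFILE_ALLOW = build_response(QUERY, a_records=("203.0.113.10",))
PROFILE_SINKHOLE = build_response(QUERY, a_records=("0.0.0.0",))
PROFILE_NXDOMAIN = build_response(QUERY, rcode=3)

if __name__ == "__main__":
    for label, profile in (("allow", PROFILE_ALLOW), ("sinkhole", PROFILE_SINKHOLE), ("nxdomain", PROFILE_NXDOMAIN)):
        print(label, "->", resolve_with_parallel_check(RELAY_REPLY, profile))
```

The model also makes the thread's "functional casualty" concrete: because the profile resolver's answer is discarded whenever it is not a block, a custom block page or redirect address it returns never reaches the app; only the yes/no decision survives.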


