
It's not exactly difficult to block 8.8.8.8:443 and 1.1.1.1:443 if ISPs want to block it. There's also no technical reason why DoT should use port 853 even if it's the default; using 443 will work with most clients I've tested, although shitty middleboxes might get confused about the protocol not being HTTPS.
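To make the point concrete, here is an added illustration (my own code, not anything posted by the commenters): a minimal DNS-over-TLS client. RFC 7858 DoT is ordinary DNS wire format, framed with the same 2-byte length prefix as DNS over TCP, carried inside a TLS session. Nothing in the protocol depends on the port number, so the same client speaks to 853 or 443 by changing one argument; what a middlebox sees on either port is a TLS handshake with an SNI and then opaque application data, which is why an HTTPS-expecting inspector can trip over it. The server address, TLS hostname and query name in the usage line are assumptions for demonstration.

```python
"""Minimal DNS-over-TLS (RFC 7858) client, added as an illustration.

DoT = DNS wire format (RFC 1035) + 2-byte TCP length prefix + TLS.
The port is a parameter because the protocol itself does not care.
"""
import socket
import ssl
import struct

DOT_DEFAULT_PORT = 853   # registered DoT port; 443 is an operator's choice


def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Build a DNS query: 12-byte header (RD set) + one question, QCLASS IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def frame_tcp(message: bytes) -> bytes:
    """DNS over TCP/TLS framing: big-endian 2-byte length, then the message."""
    return struct.pack("!H", len(message)) + message


def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before a full DNS message arrived")
        buf += chunk
    return buf


def read_framed(sock) -> bytes:
    """Read one length-prefixed DNS message from a connected (TLS) socket."""
    (length,) = struct.unpack("!H", _recv_exact(sock, 2))
    return _recv_exact(sock, length)


def skip_name(msg: bytes, off: int) -> int:
    """Advance past a possibly compressed domain name; return the new offset."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:     # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:
            return off + 1
        off += 1 + length


def parse_a_records(msg: bytes) -> list:
    """Return the IPv4 addresses in the answer section of a DNS response."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):                # questions: name + QTYPE + QCLASS
        off = skip_name(msg, off) + 4
    addrs = []
    for _ in range(an):                # answers: name + TYPE CLASS TTL RDLENGTH RDATA
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return addrs


def dot_query(name: str, server: str, port: int = DOT_DEFAULT_PORT,
              server_hostname: str = None, timeout: float = 5.0) -> list:
    """Resolve `name` over DoT. Only the TLS layer and the framing matter;
    `port` is whatever the operator listens on (853 by default, 443 also seen)."""
    ctx = ssl.create_default_context()     # verifies the resolver's certificate
    with socket.create_connection((server, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=server_hostname or server) as tls:
            tls.sendall(frame_tcp(build_query(name)))
            response = read_framed(tls)
    return parse_a_records(response)


if __name__ == "__main__":
    # Assumed example invocation: resolver address and TLS name are placeholders.
    print(dot_query("example.com", "1.1.1.1", 853, server_hostname="cloudflare-dns.com"))
```

The only thing that changes between the default port and 443 is the integer passed to `create_connection`; the bytes inside the TLS session are identical, so per-port blocking is a policy decision of the network, not a property of DoT.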


This isn't my analysis; I stole it from Paul Vixie.

That many networks tend to block 853/tcp and not 443/tcp is, literally, a feature of DoT, not a bug.


It's a feature of DoH that it uses a protocol that's way too important to just block outright.


Strange. Those networks must be using a protocol whitelist or something. Luckily, I haven't encountered any networks that will drop 853/tcp outright. All I have is anecdata, but I can't ignore that I haven't seen any reliable statistics about this topic at all. I suspect some businesses or sketchy ISPs will likely block any type of traffic that isn't either DNS or HTTP(S), but I haven't seen anyone else use DoT, let alone seen any network care about it.

If I were to encounter such networks regularly (and would not have the option to change network provider), I'd probably switch the DoT port around to 443 or just go directly for DoH.


Why would you ever bother with DoT?


The idea is that eventually ECH will roll out, and then Google and Cloudflare can start offering this from the same IPs that they do the rest of their services, which the censors won't be able to block without way too much collateral damage.


State-level censors will at first ask nicely to block specific entries for their IP ranges; either the provider cooperates (then DoH won't help at all) or not.

If not, they won't have a problem blocking the entirety of Google or Cloudflare, collateral damage be damned. It would be as much Google's or Cloudflare's problem as it would be the user's, so they won't do it. They don't allow domain fronting either.



