dns-over-https
Knot Resolver
Our great sponsors
dns-over-https | Knot Resolver | |
---|---|---|
3 | 9 | |
1,881 | 335 | |
- | 2.1% | |
6.7 | 9.5 | |
14 days ago | 3 days ago | |
Go | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dns-over-https
-
Bypass Transparent DNS Proxy
I search for tools and found dns-over-https. This tool uses Go (1.13 or newer) so it's not a big deal for me since I already use Go. Just clone the repo and compile and then execute doh-client (Go should be available on your system):
-
Kominfo can suck a huge one
My suggestion: Choose providers that support DNSSEC or server with DoH written in Go (aka m13253). Or if you are interested in new technology, you can try providers that implement Knot Resolver (DoH2).
-
Unbound Now Supports Dns Over Https
I concur, right now this method is a little convoluted unless the goal is to take advantage of an upstream VPS. This would only encrypt DNS traffic from the VPS to the requesting devices providing the requesting device also sets up a DoH client. It is way easier to just run an encrypted Wireguard or OpenVPN connection and get a full encryption versus DNS only. Wireguard or OpenVPN can be configured for DNS-only as well. Other methods of creating a DoH server can be done with https://github.com/m13253/dns-over-https/ and Nginx proxy.
Knot Resolver
- Systemd through the eyes of a musl distribution maintainer
- EU is building its own DNS service
- DNS server recommendation?
- Knot Resolver
-
Reasons to use unbound
Have you considered Knot resolver too?
-
Why might you run your own DNS server?
Knot-resolver (https://www.knot-resolver.cz/) you can't beat it's normal caching, proactive caching, stale caching, scriptability, basic stats information. It supports DNS, DNS over tls, doh, etc etc.
-
Add check-spelling to a repository
Originally posted by @tomaskrizek in https://github.com/CZ-NIC/knot-resolver/pull/75#discussion_r752569877
-
Kominfo can suck a huge one
My suggestion: Choose providers that support DNSSEC or server with DoH written in Go (aka m13253). Or if you are interested in new technology, you can try providers that implement Knot Resolver (DoH2).
-
What do you self-host that no one's heard of?
Knot DNS for auth dns and Knot resolver for recursive dns. I always seem to have issues with unbound so I'm using it instead.
What are some alternatives?
dnscrypt-proxy - dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
Unbound - Unbound is a validating, recursive, and caching DNS resolver.
dnsproxy - Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
PowerDNS - PowerDNS Authoritative, PowerDNS Recursor, dnsdist
DNS-over-HTTPS - An implementation of RFC 8484 - DNS Queries over HTTPS (DoH).
Bind - Mirror of https://gitlab.isc.org/isc-projects/bind9, please submit issues and PR/MRs in the GitLab. Any issues and PRs opened here will be closed without a comment.
nextdns - NextDNS CLI client (DoH Proxy)
dnsmasq - mirror of dnsmasq (git://thekelleys.org.uk/dnsmasq.git ). This account is NOT maintained by dnsmasq developers. I am happy to give account to them. Please feel free to contact me. 1584171677[at]qq[dot]com
bebasdns - Membantumu berselancar dengan aman dan tidak terbatas!.
Knot DNS - A mirrored repository
pique - An advanced DNS stub with Freedom, Privacy and Security --- THRICE UPON A TIME
Yadifa - YADIFA is a lightweight authoritative Name Server with DNSSEC capabilities. Developed by the passionate people behind the .eu top-level domain, YADIFA has been built from scratch to face today’s DNS challenges, with no compromise on security, speed and stability, to offer a better and safer Internet experience.