dns-over-https
dns
Our great sponsors
dns-over-https | dns | |
---|---|---|
3 | 4 | |
1,879 | 207 | |
- | - | |
6.7 | 0.0 | |
8 days ago | 22 days ago | |
Go | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dns-over-https
-
Bypass Transparent DNS Proxy
I search for tools and found dns-over-https. This tool uses Go (1.13 or newer) so it's not a big deal for me since I already use Go. Just clone the repo and compile and then execute doh-client (Go should be available on your system):
-
Kominfo can suck a huge one
My suggestion: Choose providers that support DNSSEC or server with DoH written in Go (aka m13253). Or if you are interested in new technology, you can try providers that implement Knot Resolver (DoH2).
-
Unbound Now Supports Dns Over Https
I concur, right now this method is a little convoluted unless the goal is to take advantage of an upstream VPS. This would only encrypt DNS traffic from the VPS to the requesting devices providing the requesting device also sets up a DoH client. It is way easier to just run an encrypted Wireguard or OpenVPN connection and get a full encryption versus DNS only. Wireguard or OpenVPN can be configured for DNS-only as well. Other methods of creating a DoH server can be done with https://github.com/m13253/dns-over-https/ and Nginx proxy.
dns
-
Easy DNS, is it possible?
I use this on my ds920 as a backup to my router https://github.com/qdm12/dns BUT have found with mobile clients it’s faster to use a cloud dns provider, I’m also using on tailscale nextdns.io that integrates well too
-
DNSSEC with unsigned records set
I'm currently implementing a DNSSEC validator (at https://github.com/qdm12/dns). It's working so far, but most zones aren't signed (even google.com it seems). How is a DNSSEC validator meant to handle unsigned cases?
-
Just got started a week ago, self-hosting is very addicting!
If you want you can try my DoT/DoH server qmcgaw/dns:v2.0.0-beta which supports Prometheus & grafana (metrics doc)
-
A Question About How Mullvad's DOH Works
Actually I'm writing my own DoH Client/server at https://github.com/qdm12/dns (on the v2.0.0-beta branch)
What are some alternatives?
dnscrypt-proxy - dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
gluetun - VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
dnsproxy - Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
sdns - A high-performance, recursive DNS resolver server with DNSSEC support, focused on preserving privacy.
DNS-over-HTTPS - An implementation of RFC 8484 - DNS Queries over HTTPS (DoH).
AdGuard-WireGuard-Unbound-DNScrypt - Linux ultimate self-hosted network security guide ║ Linux 终极自托管网络安全指南 ║ Guía definitiva de seguridad de red autohospedada de Linux ║ लिनक्स परम स्व-होस्टेड नेटवर्क सुरक्षा गाइड ║ Окончательное руководство по безопасности собственной сети Linux
nextdns - NextDNS CLI client (DoH Proxy)
dns-over-tls-forwarder - A simple, fast DNS-over-TLS forwarding server with hybrid LRU/MFA caching written in Go.
bebasdns - Membantumu berselancar dengan aman dan tidak terbatas!.
zerotier-dns - A DNS server for ZeroTier virtual networks.
pique - An advanced DNS stub with Freedom, Privacy and Security --- THRICE UPON A TIME
awesome-selfhosted - A list of Free Software network services and web applications which can be hosted on your own servers