Encrypted DNS Server

This page was last modified: 24 May 2022 10:44 CE(S)T.

MegaNerd.nl is providing an encrypted DNS server (SDNS server) and anonymized DNS relay - via DNSCrypt and/or DNS over HTTPS (DoH) at chewbacca.meganerd.nl.

Why?

Most sites you visit use encryption nowadays (HTTPS), but the ancient DNS protocol doesn't encrypt communication between client and server. In other words: it is sent as plain text and anyone that sniffs your traffic can read and understand the requests you make to translate a domain(name) to an IP address. That makes DNS very vulnarable to man-in-the-middle attacks.

An encrypted DNS server encrypts and authenticates DNS queries. There are several protocols to encrypt DNS. DNSCrypt is one of them and by far the easiest to implement. One of the best ways to enable DNS encryption for yourself is to use dnscrypt-proxy. Download it for your OS and follow the instructions on that page. To further improve privacy, you could enable anonymized DNSCrypt on top of that. You can even use it together with another fantastic piece of software named Pi-hole: see this page for instructions how to do that. The server also supports DNS over HTTPS (DoH) via doh-proxy - another way to encrypt your DNS queries.

MegaNerd.nl encrypted DNS server characteristics
  • Free, No logs, no filters
  • Encrypted DNS with DNSCrypt v2 (Encrypted DNS Server)
  • Anonymized DNSCrypt relay
  • DNS over HTTPS (DoH) support (via doh-proxy)
  • Oblivious DNS over HTTPS (ODoH) target server (via doh-proxy)
  • Support for DNSSEC
  • Hosted in Amsterdam, the Netherlands - cloud based server
DNSCrypt server IPv4

Use meganerd in your configuration or this DNS stamp:
sdns://AQcAAAAAAAAAEjEzNi4yNDQuOTcuMTE0OjQ0MyD8qtxwTl7jYLuhTuKVO9Uougk1epDw_OTQOgE4a_-rYhgyLmRuc2NyeXB0LWNlcnQubWVnYW5lcmQ

Anonymized DNSCrypt relay IPv4

Use anon-meganerd in your configuration or this DNS stamp:
sdns://gRIxMzYuMjQ0Ljk3LjExNDo0NDM

DNSCrypt server IPv6

Use meganerd-ipv6 in your configuration or this DNS stamp:
sdns://AQcAAAAAAAAAK1syMDAxOjE5ZjA6NTAwMTpjYmI6NTQwMDozZmY6ZmUwNzpmNzBkXTo0NDMg_KrccE5e42C7oU7ilTvVKLoJNXqQ8Pzk0DoBOGv_q2IYMi5kbnNjcnlwdC1jZXJ0Lm1lZ2FuZXJk

Anonymized DNSCrypt relay IPv6

Use anon-meganerd-ipv6 in your configuration or this DNS stamp:
sdns://gStbMjAwMToxOWYwOjUwMDE6Y2JiOjU0MDA6M2ZmOmZlMDc6ZjcwZF06NDQz

DNS over HTTPS (DoH) server IPv4

Use meganerd-doh-ipv4 in your configuration or this DNS stamp:
sdns://AgcAAAAAAAAADjEzNi4yNDQuOTcuMTE0IJ_hr9b-aPXauUihcpoaY_sdKvKDHBcRLcY6jrYlgdnUFWNoZXdiYWNjYS5tZWdhbmVyZC5ubAQvZG9o

DNS over HTTPS (DoH) server IPv6

Use meganerd-doh-ipv6 in your configuration or this DNS stamp:
sdns://AgcAAAAAAAAAKFsyMDAxOjE5ZjA6NTAwMTpjYmI6NTQwMDowM2ZmOmZlMDc6ZjcwZF0gn-Gv1v5o9dq5SKFymhpj-x0q8oMcFxEtxjqOtiWB2dQVY2hld2JhY2NhLm1lZ2FuZXJkLm5sBC9kb2g

Oblivious DNS over HTTPS (ODoH) server

Use odoh-meganerd in your configuration or this DNS stamp: sdns://BQcAAAAAAAAAFWNoZXdiYWNjYS5tZWdhbmVyZC5ubAQvZG9o