Encrypted DNS Server

This page was last modified: 19 Feb 2021 20:14 CE(S)T.

MegaNerd.nl is providing a free encrypted DNS server (SDNS server) and anonymized DNS relay - via DNSCrypt and DNS over HTTPS (DoH).

Why?

Most sites you visit use encryption nowadays (HTTPS), but the ancient DNS protocol doesn't encrypt communication between client and server. In other words: it is sent as plain text and anyone that sniffs your traffic can read and understand the requests you make to translate a domain(name) to an IP address. That makes DNS very vulnarable to man-in-the-middle attacks.

An encrypted DNS server encrypts and authenticates DNS queries. There are several protocols to encrypt DNS. DNSCrypt is one of them and by far the easiest to implement. The best way to enable DNS encryption for yourself is to use dnscrypt-proxy. Download it for your OS and follow the instructions on that page. To further improve privacy, you could enable anonymized DNSCrypt on top of that. You can even use it together with another fantastic piece of software named Pi-hole: see this page for instructions how to do that. The server also supports DNS over HTTPS (DoH) via doh-proxy.

MegaNerd.nl encrypted DNS server characteristics
  • No logs, no filters
  • Encrypted DNS with DNSCrypt v2 (Encrypted DNS Server)
  • Anonymized DNSCrypt relay
  • Aditionally DNS over HTTPS (DoH) support (via doh-proxy)
  • Support for DNSSEC
  • Hosted in Amsterdam, the Netherlands - cloud based server
DNSCrypt server IPv4

Use meganerd in your configuration or this DNS stamp:
sdns://AQcAAAAAAAAAEjEzNi4yNDQuOTcuMTE0OjQ0MyD8qtxwTl7jYLuhTuKVO9Uougk1epDw_OTQOgE4a_-rYhgyLmRuc2NyeXB0LWNlcnQubWVnYW5lcmQ

Anonymized DNSCrypt relay IPv4

Use anon-meganerd in your configuration or this DNS stamp:
sdns://gRIxMzYuMjQ0Ljk3LjExNDo0NDM

DNSCrypt server IPv6

Use meganerd-ipv6 in your configuration or this DNS stamp:
sdns://AQcAAAAAAAAAK1syMDAxOjE5ZjA6NTAwMTpjYmI6NTQwMDozZmY6ZmUwNzpmNzBkXTo0NDMg_KrccE5e42C7oU7ilTvVKLoJNXqQ8Pzk0DoBOGv_q2IYMi5kbnNjcnlwdC1jZXJ0Lm1lZ2FuZXJk

Anonymized DNSCrypt relay IPv6

Use anon-meganerd-ipv6 in your configuration or this DNS stamp:
sdns://gStbMjAwMToxOWYwOjUwMDE6Y2JiOjU0MDA6M2ZmOmZlMDc6ZjcwZF06NDQz

DNS over HTTPS (DoH) server IPv4

Use meganerd-doh-ipv4 in your configuration or this DNS stamp:
sdns://AgcAAAAAAAAADjEzNi4yNDQuOTcuMTE0IDKG_2WmX68yCF7qE4jDc4un43hzyQbM48Sii0zCpYmIGWNoZXdiYWNjYS5tZWdhbmVyZC5ubDo0NDMEL2RvaA

DNS over HTTPS (DoH) server IPv6

Use meganerd-doh-ipv6 in your configuration or this DNS stamp:
sdns://AgcAAAAAAAAAKFsyMDAxOjE5ZjA6NTAwMTpjYmI6NTQwMDowM2ZmOmZlMDc6ZjcwZF0gMob_ZaZfrzIIXuoTiMNzi6fjeHPJBszjxKKLTMKliYgZY2hld2JhY2NhLm1lZ2FuZXJkLm5sOjQ0MwQvZG9o