Australian DNS resolver

Location: Sydney, Australia

Features

Installation

Windows

In an elevated Terminal run the following:

Add-DnsClientDohServerAddress -ServerAddress 45.76.113.31 -DohTemplate https://doh.seby.io/dns-query -AutoUpgrade $True

In Settings-> Network & internet -> Advanced network settings -> [your network adapter] -> View Additional Properties -> DNS server assignment Edit

Under DNS server assignment press the Edit button and set it to Manual. Next flip the IPv4 swith to ON and the enter 45.76.113.31 and 139.99.222.72 as the DNS servers

Finally choose Encrypted only (DNS over HTTPS) and hit save

iOS

Download the DNS profile or create your own: https://dns.notjakob.com/tool.html

Server Details

dns.seby.io - Vultr

IPv4 address: 45.76.113.31

This server is also part of the NTP pool project

DNS-over-HTTPS (DoH)

HTTP/2 port: 443

Hostname: doh.seby.io

Path: /dns-query

Stamp: sdns://AgcAAAAAAAAADDQ1Ljc2LjExMy4zMSA-GhoPbFPz6XpJLVcIS1uYBwWe4FerFQWHb9g_2j24OA9kb2guc2VieS5pbzo0NDMKL2Rucy1xdWVyeQ

Stamp was generated with https://dnscrypt.info/stamps. Command used to get the hash: dnscrypt-proxy -show-certs

TLS Setup: ImmuniWeb report

DNS-over-TLS (DoT)

TLS port: 853

Hostname: dot.seby.io

Out-of-Band public key pin: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

Command used: kdig -d @45.76.113.31 +tls-ca +tls-host=dot.seby.io example.com

TLS Setup: ImmuniWeb report


Unbound - DoT Example:
server:
  port: 53
forward-zone:
  name: "."
    forward-tls-upstream: yes
    forward-addr: 45.76.113.31@853

The server configuration is freely available on github:

https://github.com/publicarray/dns-resolver-infra

If there are any problems please open an issue.


Notes:

While the resolver is freely available abuse will not be tolerated.

To deal with abuse I may need to capture limited amount of traffic,

this will be discarded after the abuse is dealt with.