Australian DNS resolver

Location: Sydney, Australia

Features

Installation

Windows

In an elevated Terminal run the following:

Add-DnsClientDohServerAddress -ServerAddress 139.99.222.72 -DohTemplate https://doh-2.seby.io/dns-query -AutoUpgrade $True

Add-DnsClientDohServerAddress -ServerAddress 45.76.113.31 -DohTemplate https://doh.seby.io:8443/dns-query -AutoUpgrade $True

In Settings-> Network & internet -> Advanced network settings -> [your network adapter] -> View Additional Properties -> DNS server assignment Edit

Under DNS server assignment press the Edit button and set it to Manual. Next flip the IPv4 swith to ON and the enter 45.76.113.31 and 139.99.222.72 as the DNS servers

Finally choose Encrypted only (DNS over HTTPS) and hit save

iOS

Download the DNS profile from encrypted-dns.party or create your own: https://dns.notjakob.com/tool.html

Server Details

dns.seby.io - Vultr

IPv4 address: 45.76.113.31

This server is also part of the NTP pool project

DNSCrypt

Provider Name: 2.dnscrypt-cert.dns.seby.io

DNSCrypt Ports: 443 (default), 5353, 8080

Public key: 0854:6878:8BA7:8A5E:A945:EA8F:4583:DD9C:803D:9670:3BCA:409E:EFFD:6AB8:5EB4:2C56

Stamp: sdns://AQcAAAAAAAAADDQ1Ljc2LjExMy4zMSAIVGh4i6eKXqlF6o9Fg92cgD2WcDvKQJ7v_Wq4XrQsVhsyLmRuc2NyeXB0LWNlcnQuZG5zLnNlYnkuaW8

Stamp was generated with https://dnscrypt.info/stamps

DNS-over-HTTPS (DoH)

HTTP/2 port: 8443

Hostname: doh.seby.io

Path: /dns-query

Stamp: sdns://AgcAAAAAAAAADDQ1Ljc2LjExMy4zMSA-GhoPbFPz6XpJLVcIS1uYBwWe4FerFQWHb9g_2j24OBBkb2guc2VieS5pbzo4NDQzCi9kbnMtcXVlcnk

Stamp was generated with https://dnscrypt.info/stamps. Command used to get the hash: dnscrypt-proxy -show-certs

TLS Setup: ImmuniWeb report

DNS-over-TLS (DoT)

TLS port: 853

Hostname: dot.seby.io

Out-of-Band public key pin: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

Command used: kdig -d @45.76.113.31 +tls-ca +tls-host=dot.seby.io example.com

TLS Setup: ImmuniWeb report

dns.seby.io - OVH

IPv4 address: 139.99.222.72

DNSCrypt

Provider Name: 2.dnscrypt-cert.dns.seby.io

DNSCrypt Ports: 8443

Public key: 0B05:684F:0D0B:E1D8:1A97:92C2:D456:D952:D1ED:2D1F:EB56:E57A:AD59:F13B:DE5E:E065

Stamp: sdns://AQcAAAAAAAAAEjEzOS45OS4yMjIuNzI6ODQ0MyB3NPVeil3tZfA7hH0fz-MBp7VSd6pprpccj78c5dOjFRsyLmRuc2NyeXB0LWNlcnQuZG5zLnNlYnkuaW8

Stamp was generated with https://dnscrypt.info/stamps

DNS-over-HTTPS (DoH)

HTTP/2 port: 443

Hostname: doh-2.seby.io

Path: /dns-query

Stamp: sdns://AgcAAAAAAAAADTEzOS45OS4yMjIuNzIgPhoaD2xT8-l6SS1XCEtbmAcFnuBXqxUFh2_YP9o9uDgRZG9oLTIuc2VieS5pbzo0NDMKL2Rucy1xdWVyeQ

Stamp was generated with https://dnscrypt.info/stamps. Command used to get the hash: dnscrypt-proxy -show-certs

TLS Setup: ImmuniWeb report, SSL Labs report

DNS-over-TLS (DoT)

TLS port: 853

Hostname: dot.seby.io

Out-of-Band public key pin: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

Command used: kdig -d @139.99.222.72 +tls-ca +tls-host=dot.seby.io example.com

TLS Setup: ImmuniWeb report


Unbound - DoT Example:
server:
  port: 53
forward-zone:
  name: "."
    forward-tls-upstream: yes
    forward-addr: 45.76.113.31@853
    forward-addr: 139.99.222.72@853

The server configuration is freely available on github:

https://github.com/publicarray/dns-resolver-infra

If there are any problems please open an issue or send me a DM.


Notes:

While the resolver is freely available abuse will not be tolerated.

To deal with abuse I may need to capture limited amount of traffic,

this will be discarded after the abuse is dealt with.


Public pgp key: https://keybase.io/publicarray/pgp_keys.asc?fingerprint=ac7b7a03d00d8236b8e6f9d180b9687901b6587c