Australian DNS resolver

Location: Sydney, Australia

Features

Servers

dns.seby.io - Vultr

IPv4 address: 45.76.113.31

This server is also part of the NTP pool project

DNSCrypt

Provider Name: 2.dnscrypt-cert.dns.seby.io

DNSCrypt Ports: 443 (default), 5353, 8080

Public key: 0854:6878:8BA7:8A5E:A945:EA8F:4583:DD9C:803D:9670:3BCA:409E:EFFD:6AB8:5EB4:2C56

Stamp: sdns://AQcAAAAAAAAADDQ1Ljc2LjExMy4zMSAIVGh4i6eKXqlF6o9Fg92cgD2WcDvKQJ7v_Wq4XrQsVhsyLmRuc2NyeXB0LWNlcnQuZG5zLnNlYnkuaW8

Stamp was generated with https://dnscrypt.info/stamps

DNS-over-HTTPS (DoH)

HTTP/2 port: 8443

Hostname: doh.seby.io

Path: /dns-query

Stamp: sdns://AgcAAAAAAAAADDQ1Ljc2LjExMy4zMSA-GhoPbFPz6XpJLVcIS1uYBwWe4FerFQWHb9g_2j24OBBkb2guc2VieS5pbzo4NDQzCi9kbnMtcXVlcnk

Stamp was generated with https://dnscrypt.info/stamps. Command used to get the hash: env DEBUG=1 dnscrypt-proxy

DNS-over-TLS (DoT)

TLS port: 853

Hostname: dot.seby.io

Out-of-Band public key pin: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

Command used: kdig -d @45.76.113.31 +tls-ca +tls-host=dot.seby.io example.com

Stamp: sdns://AgcAAAAAAAAADDQ1Ljc2LjExMy4zMQAPZG90LnNlYnkuaW86ODUzAA

Stamp was generated with https://dnscrypt.info/stamps
Unbound Example:
server:
  port: 53
forward-zone:
  name: "."
    forward-tls-upstream: yes
    forward-addr: 45.76.113.31@853
Stubby Example:
dns_transport_list: [GETDNS_TRANSPORT_TLS]
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
listen_addresses:
  - 127.0.0.1@53
upstream_recursive_servers:
  - address_data: 45.76.113.31
    tls_auth_name: "dot.seby.io"
    tls_pubkey_pinset:
      - digest: "sha256"
        value: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=

The server configuration is freely available on github:

https://github.com/publicarray/dns-resolver-infra

Please open an issue if there are any problems.


Notes:

No logging means that I don't log dns queries but certain statistics

such as the latency and query status are logged see

https://dns.seby.io/stats.html for pretty graphs


While the resolver is freely available abuse will not be tolerated.

To deal with abuse I may need to capture limited amount of traffic,

this will be discarded after the abuse is dealt with.


Public pgp key: https://keybase.io/publicarray/pgp_keys.asc?fingerprint=ac7b7a03d00d8236b8e6f9d180b9687901b6587c