- Oct 9, 2016
- 6,025
In search of a DNS server we always look for
1) Must be fast
2) Comes with malware and unwanted web content filtration/blocking
3) Supports DNSCrypt
4) Supports DNSSEC
5) No logging
If you use a VPN you can check the DNS servers' addresses at ipleak.net
If the DNS addresses start with 73.xxx, 74.xxx, 173.xxx, 174.xxxx etc and you do a whois you'll find that they belong to Google in the respective countries.
Now, Google DNS supports DNSSEC and is fast.
We trust the VPN provider in keeping our privacy by not keeping logs. The questions are
1) How do we know that the VPN provider is not redirecting the DNS queries to Google servers directly or proxying them instead?
2) And, even if the VPN provider proxied the queries, are our DNS queries still being encrypted since Google DNS servers don't support DNSCrypt?
3) Is the VPN provider encrypting the DNS queries as in 2)? Or encryption is not required?
1) Must be fast
2) Comes with malware and unwanted web content filtration/blocking
3) Supports DNSCrypt
4) Supports DNSSEC
5) No logging
If you use a VPN you can check the DNS servers' addresses at ipleak.net
If the DNS addresses start with 73.xxx, 74.xxx, 173.xxx, 174.xxxx etc and you do a whois you'll find that they belong to Google in the respective countries.
Now, Google DNS supports DNSSEC and is fast.
We trust the VPN provider in keeping our privacy by not keeping logs. The questions are
1) How do we know that the VPN provider is not redirecting the DNS queries to Google servers directly or proxying them instead?
2) And, even if the VPN provider proxied the queries, are our DNS queries still being encrypted since Google DNS servers don't support DNSCrypt?
3) Is the VPN provider encrypting the DNS queries as in 2)? Or encryption is not required?
Last edited: