Q&A Which DNS Server do you use? /DNS Tunnelling

Which DNS Server(s) do you use?


  • Total voters
    163

TairikuOkami

Level 14
Content Creator
Joined
May 13, 2017
Messages
688
OS
Windows 10
#81
I use DNS.Watch on my router and on my computer and Yandex DNS via dnscrypt in Yandex browser, I really like multiple DNS, it is good for troubleshooting.

I would prefer either Adguard DNS Family, but without blocking ADs, it slows down browsing or Yandex Family, but it is not possible in Yandex browser. :rolleyes:
 

Slyguy

Level 32
Joined
Jan 27, 2017
Messages
2,162
OS
Other OS
#82
I use DNS.Watch on my router and on my computer and Yandex DNS via dnscrypt in Yandex browser, I really like multiple DNS, it is good for troubleshooting.

I would prefer either Adguard DNS Family, but without blocking ADs, it slows down browsing or Yandex Family, but it is not possible in Yandex browser. :rolleyes:
Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.
 

TairikuOkami

Level 14
Content Creator
Joined
May 13, 2017
Messages
688
OS
Windows 10
#83
Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.
What exactly is the issue? By the way, Adguard does not have its own servers, it is chained via OpenDNS/GoogleDNS and etc.

We use DNS servers of the data center as upstream DNS, they use somebody else's servers and so on. I suppose that somewhere in that chain may be google dns as well.
 

Attachments

Evjl's Rain

Level 35
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,459
OS
Windows 8.1
Antivirus
Avast
#84
You may also want to add Alternate DNS.. Secured DNS w/Ad+Malvertising block. Much faster than Adguard in my tests.

Alternate DNS - Ad Blocking DNS Server
Primary: 198.101.242.72
Secondary: 23.253.163.53
alternateDNS is indeed very fast and effective
however, after 2 months of using it, when I visited a website, it showed a website that my trial was expired and require an upgrade to premium version to continue the service. I think they just added it recently

they didn't mention anything related to trial period for home users
only trial for business clients

no longer recommended because of this

adguard DNS is too slow and unstable for my liking in my 2 countries trying it
 

Slyguy

Level 32
Joined
Jan 27, 2017
Messages
2,162
OS
Other OS
#85
Adguard DNS routes to Russia. ISP issue. They can't help me, we've already gone over this on their forums unfortunately.

I'd consider the $2.99 a month for Alternate DNS, trivial expense for a very fast, adblocking DNS. I might give it a try when I get a chance. They appear to have ended their free consumer product.
 
Last edited:

Slyguy

Level 32
Joined
Jan 27, 2017
Messages
2,162
OS
Other OS
#86
Remember if you use Heimdal, it will override your DHCP DNS settings and point to loopback on your computers. Then it will implement it's own securedDNS for itself to function with traffic filtration AND VectorN. So if you want to use one of these DNS, and use most of Heimdal features, it's not going to work as Heimdal will bypass your router DNS.

It's still beneficial to make this change on your router even if you want Heimdal on because it would help protect everything on your network that doesn't use Heimdal.
 
Joined
Apr 1, 2017
Messages
1,461
OS
Windows 10
Antivirus
ESET
#87
Use Simple DNSCrypt then choose from the resolvers (with DNSCrypt and DNSSEC support) below. Choose with no-log as well.
thnx for your complete list and info.
if you use the Yandex browser you don't need to install Simple DNS Crypt:--)
Easy just set you DNS in DNS watch and then pick one DNS from Yandex DNS list(all of them are DNS servers with DNS crypt encryption)
in my case: DNS watch+ns0.dnscrypt.is in Reykjavík, Iceland so my isp can suck it:p
 

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
#88
thnx for your complete list and info.
if you use the Yandex browser you don't need to install Simple DNS Crypt:--)
Easy just set you DNS in DNS watch and then pick one DNS from Yandex DNS list(all of them are DNS servers with DNS crypt encryption)
in my case: DNS watch+ns0.dnscrypt.is in Reykjavík, Iceland so my isp can suck it:p
Yandex don't support DNSSEC and no-log
 
Likes: show-Zi
Joined
Apr 1, 2017
Messages
1,461
OS
Windows 10
Antivirus
ESET
#91
First, you show me that Yandex can't :D
I set my DNS to ns0.dnscrypt.is in Reykjavík, Iceland(from Yandex list) which supports DNSSEC!so Yandex can support DNSSEC :0
 

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
#92
First, you show me that Yandex can't :D
I set my DNS to ns0.dnscrypt.is in Reykjavík, Iceland(from Yandex list) which supports DNSSEC!so Yandex can support DNSSEC :0
Check

List of Public DNS Servers [wiki.ipfire.org]

These are the original Yandex DNS servers

Yandex.DNS

Sometimes a DNS server provider may include other DNS server providers e.g. UncensoredDNS is a good example. It's original DNS servers do NOT support DNSSEC but it has other providers' servers which support DNSSEC
 
Last edited:
Joined
Apr 1, 2017
Messages
1,461
OS
Windows 10
Antivirus
ESET
#93
What is it mate?!it's about Yandex DNS, not Yandex browser:oops: YandexDNS don't support DNSSEC but the Yandex browser doesn't use Yandex DNS you can choose Yandex DNS when you want to pick one dns from Yandex DNS's list Yandex DNS is there!
you can set your dns in ipv6 or/and ipv4 and chose one dns from Yandex DNS list! I guess you don't know what I mean!
this link is about Yandex DNS, not the browser.
 

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
#94
What is it mate?!it's about Yandex DNS, not Yandex browser:oops: YandexDNS don't support DNSSEC but the Yandex browser doesn't use Yandex DNS you can choose Yandex DNS when you want to pick one dns from Yandex DNS's list Yandex DNS is there!
you can set your dns in ipv6 or/and ipv4 and chose one dns from Yandex DNS list! I guess you don't know what I mean!
this link is about Yandex DNS, not the browser.
Ok you are right

Yandex — Company blog — Yandex Browser Pioneers Built-in DNS Security

The option to select a DNS sever is there in the Yandex browser
 
Joined
Apr 1, 2017
Messages
1,461
OS
Windows 10
Antivirus
ESET
#95
Yes hahaha I already did a lot of search and investigations:p so the best combo is dns watch(internet settings)+ns0.dnscrypt.is in Reykjavík, Iceland
But it's for me maybe another guy wants to use another server! i prefer this combo
for dns watch you need to pick a server which supports DNSSEC
 
Last edited:
Likes: show-Zi

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
#97
I'm always using PIA's DNS servers because my devices automatically connect to the VPN when they boot.
Using the VPN provider's DNS servers is the best provided you can trust them not to collect your personal data. Just make sure they don't redirect the DNS queries to other public DNS servers like Google Public DNS, OpenDNS etc i.e. they must have their own dedicated DNS servers
 

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
#98
Yes hahaha I already did a lot of search and investigations:p so the best combo is dns watch(internet settings)+ns0.dnscrypt.is in Reykjavík, Iceland
But it's for me maybe another guy wants to use another server! i prefer this combo
for dns watch you need to pick a server which supports DNSSEC
Am I right that you selected 2 DNS servers

DNS.Watch
ns0.dnscrypt.is

I think DNS.Watch don't support DNSCrypt. It supports only DNSSEC and no-logging. If you use it that means your DNS queries are NOT encrypted

The second one is ok for it supports DNSCrypt, DNSSEC and no-logging
 
Joined
Aug 28, 2015
Messages
273
OS
Windows 10
Antivirus
ESET
#99
Adguard DNS fails for me because it routes to Russia. Until they get their records right with my ISP I can't use them.
Same here. I was using it until they changed some stuff. I know one of the devs mentioned getting another hosting company to help alleviate it. I am in the US and get routed through Europe now lol. So it's a no go for me.
 
Last edited:

HarborFront

Level 39
Content Creator
Joined
Oct 9, 2016
Messages
2,893
One more Secure DNS server to share. It's from Pi Hole

It's IP4 address is 192.168.1.200

I think it's using other Secure DNS providers like Google Public DNS, OpenDNS, Norton ConnectSafe and Comodo Secure DNS
 
Likes: show-Zi