LibreDNS
about

This is a DNS service run by LibreOps.

The goal is to offer a public encrypted DNS service that people can use to maintain the secrecy of their DNS traffic, but also circumvent censorship.

We already support DNS over HTTPS and DNS over TLS.

DNS over HTTPS

Endpoint https://doh.libredns.gr/dns-query

Blocking Ads and Trackers

We also offer an endpoint that blocks a crowdsourced list of known advertisement and tracking domains.

Endpoint https://doh.libredns.gr/noads

Documentation

DNS over HTTPS (DoH) is best to be configured and used on applications, namely browsers.

  1. Click on the three-dash menu in your browser window.
  2. Select Settings.
  3. Navigate to General > Network Settings > Settings
  4. At the bottom of this dialog: Enable DNS over HTTPS
  5. Change from the default setting to Custom and fill in: https://doh.libredns.gr/dns-query
  1. Click on the three-dot menu in your browser window.
  2. Select Settings.
  3. Scroll down to Privacy and security > Security.
  4. Scroll down and enable the Use secure DNS switch.
  5. Select Custom and fill in https://doh.libredns.gr/dns-query
  1. Go to edge://settings/privacy.
  2. Scroll down to the Security section.
  3. Make sure the Use secure DNS option is enabled.
  4. Select Custom and fill in https://doh.libredns.gr/dns-query
DNS over TLS

IP 116.202.176.26
IPv6 2a01:4f8:1c0c:8274::1
Port 853
Domain dot.libredns.gr

Blocking Ads and Trackers

We also offer an endpoint that blocks a crowdsourced list of known advertisement and tracking domains.

Domain noads.libredns.gr

Documentation

DNS over TLS (DoT) is best to be configured on the operating system.

  1. Open /etc/systemd/resolved.conf with you favorite editor and sudo rights.
  2. Make sure you have the following options:
    [Resolve]
    DNS=116.202.176.26#dot.libredns.gr
    FallbackDNS=127.0.0.1 ::1
    DNSOverTLS=yes

If you want to use the ads blocking endpoint you have to use a different port:
DNS=116.202.176.26#noads.libredns.gr

In latests Android versions you can enable DNS over TLS (DoT) using the "Private DNS" option in settings.

  1. Open Settings and using the Search field type: Private DNS.
  2. From the 3 options (Off, Automatic, Custom), choose the last one. This will prompt you to enter a custom domain.
  3. Type dot.libredns.gr and hit Save. Use noads.libredns.gr if you prefer to use the ads blocking endpoint.

Apple devices support encrypted DNS (both DoH & DoT) via Device Management Profiles.

  1. Using Safari pick the option you prefer below and download the appropriate profile.
  2. Go to Settings and you will see a notification for a new profile downloaded.
  3. Click on the notification and then click Install.

Device Management Profiles

privacy

One of the motives for creating this service was to build a DNS server that will keep a minimum amount of (meta)data and only the bare minimum that is required for its core functionality, in respect to users privacy.

In detail:

  • We keep no logs. Logs are disabled for our DNS daemon.
  • We use a local resolver for the DNS requests. We use OpenNIC as our Tier 1.
For more browser configuration guidelines check our wiki.