LibreDNS
about

This is a DNS service run by LibreOps.

The goal is to offer a public encrypted DNS service, that people can use, to maintain secrecy of their dns traffic, but also circumvent censorship.

We already support DNS over HTTPS and DNS over TLS.

DNS over HTTPS

Endpoint https://doh.libredns.gr/dns-query

DNS over HTTPS (DoH) is best to be configured and used on applications, namely browsers.

At the moment the only browser that has sufficient support is Firefox. To configure Firefox:

  1. Open Firefox settings and navigate to:
    General > Network Settings > Settings
  2. At the bottom of this dialog:
    Enable DNS over HTTPS
  3. Change from the default setting to Custom and fill in:
    https://doh.libredns.gr/dns-query

firefox doh


Blocking Ads and Trackers

We also offer an endpoint that blocks a crowdsourced list of known advertisement and tracking domains.

Endpoint https://doh.libredns.gr/ads

DNS over TLS

IP 116.203.115.192
Port 853
Domain dot.libredns.gr

DNS over TLS (DoT) is best to be configured globally for the entire operating system.

A few clients already support the protocol, and the easiest way is to configure systemd to use it:

  1. Open /etc/systemd/resolved.conf with you favorite editor and sudo rights.
  2. Make sure you have the following options:
    [Resolve]
    DNS=116.203.115.192
    FallbackDNS=127.0.0.1 ::1
    DNSOverTLS=yes

    If you are on systemd < 243, then use opportunistic, instead of yes.

privacy

One of the motives for creating this service was to build a DNS server that will keep a minimum amount of (meta)data and only the bare minimum that is required for its core functionality, in respect to users privacy.

In detail:

  • We keep no logs. Logs are disabled for our DNS daemon.
  • We use a local resolver for the DNS requests. We use OpenNIC as our Tier 1.