LibreDNS

about

This is a DNS service run by LibreOps.

The goal is to offer a public encrypted DNS service that people can use to maintain the secrecy of their DNS traffic, but also circumvent censorship.

We already support DNS over HTTPS and DNS over TLS.

DNS over HTTPS

Endpoint https://doh.libredns.gr/dns-query

DNS over HTTPS (DoH) is best to be configured and used on applications, namely browsers.

To configure your browser:

Firefox
1. Click on the three-dash menu in your browser window.
2. Select Settings.
3. Navigate to General > Network Settings > Settings
4. At the bottom of this dialog: Enable DNS over HTTPS
5. Change from the default setting to Custom and fill in: https://doh.libredns.gr/dns-query
Chrome or Chromium
1. Click on the three-dot menu in your browser window.
2. Select Settings.
3. Scroll down to Privacy and security > Security.
4. Scroll down and enable the Use secure DNS switch.
5. Select Custom and fill in https://doh.libredns.gr/dns-query
Edge
1. Go to edge://settings/privacy.
2. Scroll down to the Security section.
3. Make sure the Use secure DNS option is enabled.
4. Select Custom and fill in https://doh.libredns.gr/dns-query

For more browser configuration guidelines check our wiki.

Blocking Ads and Trackers

We also offer an endpoint that blocks a crowdsourced list of known advertisement and tracking domains.

Endpoint https://doh.libredns.gr/ads

DNS over TLS

IP 116.202.176.26
Port 853
Domain dot.libredns.gr

DNS over TLS (DoT) is best to be configured globally for the entire operating system.

A few clients already support the protocol, and the easiest way is to configure systemd to use it:

Open /etc/systemd/resolved.conf with you favorite editor and sudo rights.
Make sure you have the following options:
[Resolve] DNS=116.202.176.26#dot.libredns.gr FallbackDNS=127.0.0.1 ::1 DNSOverTLS=yes

If you are on systemd < 243, then use opportunistic instead of yes.

Blocking Ads and Trackers

We also offer DoT at a different port that blocks a crowdsourced list of known advertisement and tracking domains.

IP 116.202.176.26
Port 854
Domain dot.libredns.gr

In case you want to update your systemd-resolv configuration file:
[Resolve] DNS=116.202.176.26:854#dot.libredns.gr FallbackDNS=127.0.0.1 ::1 DNSOverTLS=yes

DNS over TLS - IPv6

We also offer IPv6 support for DoH and DoT.

DNS over HTTPS should be transparent in use, DNS Over TLS you should switch to the below IPv6 address. In the below "More info" link, under systemd section, you can find details about IPv6 settings.

IP 2a01:4f8:1c0c:8274::1

links

privacy

One of the motives for creating this service was to build a DNS server that will keep a minimum amount of (meta)data and only the bare minimum that is required for its core functionality, in respect to users privacy.

In detail:

We keep no logs. Logs are disabled for our DNS daemon.
We use a local resolver for the DNS requests. We use OpenNIC as our Tier 1.