TechnitiumSoftware / DNS-over-HTTPS

An implementation of RFC 8484 - DNS Queries over HTTPS (DoH).
GNU General Public License v3.0

DNS-over-HTTPS

An implementation of RFC 8484 - DNS Queries over HTTPS (DoH). Host your own DoH web service using ASP.NET 7 Runtime that can transform any DNS server to be accessible via the DoH standard protocol.

System Requirements

Download

Install Instructions

Note: You can also run DNS-over-HTTPS.exe directly to start the DoH console app with its built-in web server for quick testing.

  1. Edit the appsettings.json file in nano to set the DNS server of your choice.

    sudo nano appsettings.json
  2. Install the DoH app as a systemd daemon:

    sudo cp systemd.service /etc/systemd/system/doh.service
    sudo systemctl enable doh
    sudo systemctl start doh
  3. Make sure that the DoH daemon is running without issues by running:

    journalctl --unit doh --follow
  4. Configure a reverse proxy using a web server like nginx that does the SSL termination for the DoH service. Install the nginx web server using:

    sudo apt-get -y install nginx

Create a config file for your domain name at /etc/nginx/sites-enabled/doh.example.com with the config shown below. Save the certificate and key files to the paths given in the config.

server {
    listen 443 ssl;
    server_name doh.example.com;

    ssl_certificate /etc/nginx/ssl/doh-server.crt;
    ssl_certificate_key /etc/nginx/ssl/doh-server.key;

    location / {
        proxy_pass http://127.0.0.1:8053;
    }
}

Reload the nginx web server to finish the configuration.

sudo service nginx reload

Note: You can also run the dotnet DNS-over-HTTPS.dll command to run the DoH console app directly for quick testing.

The DoH service is available at the /dns-query location on the web site that you are running. If you are running it directly as a console app, your DoH endpoint URL will be http://localhost:5000/dns-query. For the Linux systemd daemon, the DoH endpoint will be http://localhost:8053/dns-query, as set by the argument provided in the systemd.service file.
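To confirm that the /dns-query endpoint really speaks RFC 8484 after setup, the following added example (not part of this project's code) builds a wire-format query, forms the GET and POST requests the RFC defines, and validates the reply. The function names are illustrative; pass whichever endpoint URL from the paragraph above applies to your deployment.

```python
# Added example: RFC 8484 request/response check. Function names are illustrative.
import base64
import struct
import urllib.request

DOH_MEDIA_TYPE = "application/dns-message"  # media type defined by RFC 8484


def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a DNS query in wire format; ID is 0, as RFC 8484 advises for HTTP caching."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD flag set, one question
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN


def get_url(endpoint: str, query: bytes) -> str:
    """RFC 8484 GET form: ?dns=<base64url of the message, padding stripped>."""
    return endpoint + "?dns=" + base64.urlsafe_b64encode(query).rstrip(b"=").decode()


def check_response(query: bytes, content_type: str, body: bytes) -> dict:
    """Validate a DoH reply against the query that was sent."""
    if content_type.split(";")[0].strip().lower() != DOH_MEDIA_TYPE:
        raise ValueError(f"unexpected Content-Type: {content_type!r}")
    if len(body) < 12:
        raise ValueError("response shorter than a DNS header")
    rid, flags, _, answers, _, _ = struct.unpack("!HHHHHH", body[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit not set: not a DNS response")
    if rid != 0 or body[12:len(query)] != query[12:]:
        raise ValueError("response does not echo the question that was asked")
    return {"rcode": flags & 0x000F, "answers": answers, "truncated": bool(flags & 0x0200)}


def probe(endpoint: str, name: str) -> dict:
    """Send one POST query to a live endpoint and validate the reply (needs network)."""
    query = build_query(name)
    req = urllib.request.Request(
        endpoint, data=query,
        headers={"Content-Type": DOH_MEDIA_TYPE, "Accept": DOH_MEDIA_TYPE},
    )
    with urllib.request.urlopen(req, timeout=5) as resp:
        return check_response(query, resp.headers.get("Content-Type", ""), resp.read())
```

Calling `probe("http://localhost:8053/dns-query", "example.com")` on the host checks the daemon directly; repeating it against the HTTPS URL served by nginx checks the reverse proxy path as well.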

Blog Posts

Configuring DNS-over-TLS and DNS-over-HTTPS with any DNS Server

Support

For support, send an email to support@technitium.com. For any issues, feedback, or feature requests, create an issue on GitHub.

Become A Patron

Contribute to Technitium by becoming a Patron and help make new software, updates, and features possible.

Become a Patron now!