search

TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0
4.17k stars 409 forks source link

Q&A: Bypassing sanctions with DNS #1010

Open M-Sadegh-M opened 3 weeks ago

M-Sadegh-M commented 3 weeks ago

Hello,

Does your application have the ability to modify DNS requests and send them using the server's IP? somethings like DNS forwarding

I am from one of the countries under U.S. sanctions, and some websites like GitLab, Intel, AMD, etc., are blocked for me due to these sanctions. I need a tool to bypass this issue.

I am looking for a tool similar to the repository below:

https://github.com/bepass-org/smartSNI

the tool does not have a GUI and is not integrated with a user panel.

ShreyasZare commented 3 weeks ago

Thanks for the post. I am not really sure what specific feature you are looking for. The DNS Server can forward requests using encrypted DNS protocols. So, you can configure it to bypass certain restrictions on your network but I am not sure how well it would work for you.

In any case, DNS will just be resolving the IP address and your actual IP address will remain the same when you access those websites. A solution like VPN or Tor should work better for you.

M-Sadegh-M commented 3 weeks ago

but I am not sure how well it would work for you.

Thanks, I submitted that repository to help clarify what feature I mean. I’m looking for a tool that can tunnel a set of websites that are restricted for me because of sanctions.

In any case, DNS will just be resolving the IP address and your actual IP address will remain the same when you access those websites. A solution like VPN or Tor should work better for you.

To explain further, it’s better to mention the following commercial service as an example.

image

https://docs.controld.com/docs/feature-traffic-redirection https://github.com/Control-D-Inc/ctrld

As you see, it can tunnel the request for a certain defined websites on the server side, without the user needing a VPN. Only via DNS.

ShreyasZare commented 3 weeks ago

What you are saying will work for some websites that use CDN networks based on DNS routing for sure but may not work for all of them.

With the DNS server, you can configure Conditional Forwarder zones for those websites and then configure an upstream which will resolve the IP address of the region you desire. If there are too many domain names then you can use the Advanced Forwarding app too.

Other option would be to configure EDNS Client Subnet option in Settings to an IP address in the desired region such that the upstream DNS servers would return domain's IP address near the desired region.