Which DNSCrypt name server to choose?



  • Avatar
    rotblitz (Edited )

    You're wrong here for a basic network course.  This is not what can be achieved in a forum like this.

    "OpenDNS says everyone should use it"

    Really?  This is not what I would know...
    And no, if this is technically over your head, you shouldn't use it.  Just plain OpenDNS would do as well.

    "It has a long list of DNSCrypt "name servers" from which to choose.  Which one should I choose?"

    The DNS services supporting DNSCrypt are listed in the CSV file coming with DNSCrypt.  I believe the current entry for OpenDNS is "cisco" or "cisco-familyshield" for OpenDNS FamilyShield.

    "Also, should I "Disable IPv6 to reduce IPv4 latency"?"

    It's your decision.  If you don't have or don't want IPv6 connectivity, then you really should disable it.

    "Last, why does my VPN not work when I'm using DNSCrypt?"

    Doesn't it?  It should work!  You may copy & paste the complete plain text output of the following diagnostic commands to here when the VPN connection is being enabled:

    nslookup -type=txt debug.opendns.com.
    nslookup whoami.akamai.net.
    netsh interface ipv4 show config

    (Only in case you have IPv6 connectivity:)
    netsh interface ipv6 show addresses
    netsh interface ipv6 show dnsservers


  • Avatar

    Thank you for the specific name server suggestions.  I chose #10, "Cisco OpenDNS".

    I guess what I read is that OpenDNS users are encouraged to use DNSCrypt ... http://bit.ly/2phCbW3 (2nd paragraph)

    I disabled IPv6.

    I will experiment with my VPN to see if my loss of access to the Internet last night was actually due to using it while DNSCrypt was enabled.  If I need to run the diagnostic commands I will post the results here.

    I am using as many privacy tools as I can since my DSL Internet connection and phone landline were hacked into in 2003.  Nothing really seems effective for getting these former co-workers of my off my trail but I guess it doesn't hurt to try everything that's available.  (I know, it sounds unlikely but these former co-workers apparently have little else to do with their time than to electronically harass people.  It's a big problem here in Rapid City, SD... "Podunkville, USA")

    Thank you again!

  • Avatar

    "I am using as many privacy tools as I can"

    Then the Tor Browser is the way to go - you can't get anything more private.  (You'll not be using OpenDNS with it though.)

  • Avatar

    I have cisco OpenDNS set for my dnscrypt-proxy resolver.  Are instances of use of dnscrypt included in my OpenDNS stats page, e.g., on https://dashboard.opendns.com/stats/... .


  • Avatar

    All your DNS traffic seen at OpenDNS will be collected in the stats, no matter if you used DNSCrypt or not.  Your stats do not reflect whether or not you used DNSCrypt.

Please sign in to leave a comment.