Why and how to use third party dns in China

发表于 2017-03-10   |   分类于 Posts

Your ISP(Internet service provider) runs DNS servers for you, most of needn't to care about it.

Why to use third party dns in China

In China, DNS spoofing is a common phenomenon. For example, I want to query the dns record of google.com on my PC.

dig @ google.com +short

It return with fake ip which is an Italian ip address.
That's why to choose a thrid party dns server.
Popular third-party DNS providers like Google Public DNS or OpenDNS may be faster for you(if you are not in china)

dig @ google.com +short
; <<>> DiG 9.11.0 <<>> @ google.com +short
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

OK, I can't connect to Don't be too sad, there are still some 3rd party dns can be use in China. #Versign #OpenDNS #Yandex #Aliyun #USTC

If you are using non-chinese dns in China, sometimes, the result of dns query may be not fit for you.
For an example, you were visiting youku.com(a media website in china), foreign dns server offen return a cdn ip that not feat for china users, you would found that it is to slow to watch video.

How to configue dns with 3rd server

If you ISP don't block non-isp dns server, just look through google 'How to change DNS Servers on your system'.

Unfortunately, my ISP block all dns servers except theirs. So I must find out someways to use 3rd party dns servers.

Custom domains with dnsmasq

Firstly, install Dnsmasq, it is easy to install it by apt-get command.

apt-get install dnsmasq

Then, change dnsmasq config
Dnsmasq config file locaition:/etc/dnsmasq.conf

Change port to a port that you can connet from your pc.
Default DNS port is 53 udp.And I choose 5353 that is easy to memorize.
At the same time, you can uncomment the line #conf-dir=/etc/dnsmasq.d, by doing this, you can put custom dns record in folder /etc/dnsmasq.d.

Restart dnsmasq to make config applied.

service dnsmasq restart

Finally you can use your vps as DNS Server

How to use non-standard port dns on windows?

You can try DNSCrypt.

PS is a DNS provided by CNNIC, many people use this as primarydns server. is a famous IP in china.
DNS spoofing: A DNS cache can become poisoned if it contains an incorrect entry

© 2017 Powered by Typecho & Theme Quark