Why and how to use third party dns in China

发表于 2017-03-10   |   分类于 Posts

Your ISP(Internet service provider) runs DNS servers for you, most of needn't to care about it.

Why to use third party dns in China

In China, DNS spoofing is a common phenomenon. For example, I want to query the dns record of google.com on my PC.

dig @1.2.4.8 google.com +short
93.46.8.89

It return with fake ip 93.46.8.89 which is an Italian ip address.
That's why to choose a thrid party dns server.
Popular third-party DNS providers like Google Public DNS or OpenDNS may be faster for you(if you are not in china)

dig @8.8.8.8 google.com +short
; <<>> DiG 9.11.0 <<>> @8.8.8.8 google.com +short
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

OK, I can't connect to 8.8.8.8. Don't be too sad, there are still some 3rd party dns can be use in China.

4.2.2.1 4.2.2.2 #Versign

208.67.222.222 208.67.220.220 #OpenDNS

77.88.8.8 77.88.8.1 #Yandex

223.5.5.5 223.6.6.6 #Aliyun

202.38.64.1 202.112.20.131 202.141.160.95 202.141.160.99 202.141.176.95 202.141.176.99 #USTC

If you are using non-chinese dns in China, sometimes, the result of dns query may be not fit for you.
For an example, you were visiting youku.com(a media website in china), foreign dns server offen return a cdn ip that not feat for china users, you would found that it is to slow to watch video.

How to configue dns with 3rd server

If you ISP don't block non-isp dns server, just look through google 'How to change DNS Servers on your system'.

Unfortunately, my ISP block all dns servers except theirs. So I must find out someways to use 3rd party dns servers.

Custom domains with dnsmasq

Firstly, install Dnsmasq, it is easy to install it by apt-get command.

apt-get install dnsmasq

Then, change dnsmasq config
Dnsmasq config file locaition:/etc/dnsmasq.conf

Change port to a port that you can connet from your pc.
Default DNS port is 53 udp.And I choose 5353 that is easy to memorize.
At the same time, you can uncomment the line #conf-dir=/etc/dnsmasq.d, by doing this, you can put custom dns record in folder /etc/dnsmasq.d.

Restart dnsmasq to make config applied.

service dnsmasq restart

Finally you can use your vps as DNS Server

How to use non-standard port dns on windows?

You can try DNSCrypt.

PS

1.2.4.8 is a DNS provided by CNNIC, many people use this as primarydns server.
93.46.8.89 is a famous IP in china.
DNS spoofing: A DNS cache can become poisoned if it contains an incorrect entry

已有 5 条评论


  1. 路易大叔

    都开始整上英文了

    路易大叔 March 10th, 2017 at 08:52 pm回复
    1. GodwinNovia

      练习英文啊,不用一段时间太生疏了

      GodwinNovia March 10th, 2017 at 10:01 pm回复
  2. 小俊

    nice to meet you 我就会这句...

    小俊 March 21st, 2017 at 11:36 am回复
    1. benzBrake

      benzBrake April 1st, 2017 at 04:09 pm回复
  3. 替天行盗

    好文,拜读,以后常看学习。

    替天行盗 May 26th, 2017 at 01:40 pm回复

发表新评论

© 2017 Powered by Typecho & Theme Quark