Karan Sharma

Ramblings on tech, cycling, and finance

08 Oct 2019

DNSCrypt Server

I am running a public DNSCrypt Server hosted in Bengaluru, India on a tiny Digital Ocean droplet. It supports DNSSEC validation, DNScrypt protocol and has caching enabled for faster responses. The DNS queries are forwarded to a vanilla Unbound DNS resolver. To use this DNSCrypt server, you will need a client-side proxy which can forward the queries and resolve them for you. Since DNSCrypt is not widely adopted, you will have to rely on a local proxy like dnscrypt-proxy or dnsproxy.

Connection Info

Resolver Address

Public server address:
Provider public key: c23f7077e04331c5614892f26da0851f088fd9dbf3c1106570180e53a1046866
Provider name: 2.dnscrypt-cert.dns.mrkaran.dev



Filtering and Adblocking

I am also hosting a DOH and DOT server on Adguard which blocks ads and trackers by default. The upstream queries are forwarded to my DNSCrypt server itself.






I have no intentions of logging the DNS queries and if at all I have to turn on the logs to debug any outages, they will be pruned immediately after. Self hosting a public DNS server came out of my frustration of centralizing the DNS queries in the name of better privacy (DOH!), while forgetting the fact that DNS was always meant to be distributed.


I am taking this as a personal challenge to minimise the downtime as much possible and provide a solid DNS service that you can rely on. However there are no guarantees, but don’t let that discourage you. Status page coming soon!