@groundcat
Last active March 19, 2025 09:08
How to install DoQ (DNS-over-QUIC) client on Linux

DNS Proxy is a simple DNS proxy server that supports all existing DNS protocols including DNS-over-TLS, DNS-over-HTTPS, DNSCrypt, and DNS-over-QUIC. Moreover, it can work as a DNS-over-HTTPS, DNS-over-TLS or DNS-over-QUIC server.

1. Install DNS Proxy

VERSION=$(curl -s https://api.github.com/repos/AdguardTeam/dnsproxy/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest AdguardTeam dnsproxy version is $VERSION"
wget -O dnsproxy.tar.gz "https://github.com/AdguardTeam/dnsproxy/releases/download/${VERSION}/dnsproxy-linux-amd64-${VERSION}.tar.gz"
tar -xzvf dnsproxy.tar.gz
cd linux-amd64
mv dnsproxy /usr/bin/dnsproxy

2. Connect to a DoQ (DNS-over-QUIC) Server

Note: Replace quic://dns.nextdns.io with your customized NextDNS address quic://xxxx.nextdns.io

dnsproxy -l 127.0.0.1 -p 53 -u quic://dns.nextdns.io -b 146.255.56.98:53

Now we can open another terminal to test DNS:

root@dns ~ # dig example.com @127.0.0.1

; <<>> DiG 9.16.15-Debian <<>> example.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22295
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com.			IN	A

;; ANSWER SECTION:
example.com.		1094	IN	A	93.184.216.34

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Jul 02 13:07:43 UTC 2021
;; MSG SIZE  rcvd: 56

The SERVER: 127.0.0.1#53(127.0.0.1) line shows that the response came from the local proxy, so it is working fine.

3. Keep DNS Proxy running in background

We use Supervisor:

apt install supervisor -y

Then create a config file:

cat > /etc/supervisor/conf.d/dnsproxy.conf <<EOF
[program:dnsproxy]
command = dnsproxy -l 127.0.0.1 -p 53 -u quic://dns.nextdns.io -b 146.255.56.98:53
user = root
autostart = true
autorestart = true
stdout_logfile = /var/log/supervisor/dnsproxy.log
stderr_logfile = /var/log/supervisor/dnsproxy.error.log
environment = LANG="en_US.UTF-8"
EOF

Now let's restart Supervisor

systemctl restart supervisor

4. Change /etc/resolv.conf

We can use the same method as in "How to change DNS settings on Linux": open /etc/resolv.conf

vim /etc/resolv.conf

Replace the nameserver lines with

nameserver 127.0.0.1

Save the file and it's working now.
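
A check for step 4, as an added example that is not part of the original gist: it lists every nameserver entry other than the proxy's 127.0.0.1 listener, since any such entry lets the resolver send queries without going through dnsproxy. The function names and the sample addresses are constructed for illustration.

```bash
# Added example (not from the original gist): check that a resolv.conf-style
# file sends every query to the local dnsproxy listener set up above.
# Assumption: the proxy listens on 127.0.0.1, as in the gist's -l flag.
PROXY_ADDR="127.0.0.1"

# Print each configured nameserver address, one per line.
# Commented-out entries ("#nameserver ...", "; nameserver ...") are ignored
# because their first field is not the literal word "nameserver".
list_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Print nameservers that are NOT the local proxy. Anything listed here can
# receive plaintext DNS, including other loopback stubs such as 127.0.0.53.
bypass_nameservers() {
    awk -v p="$PROXY_ADDR" \
        '$1 == "nameserver" && NF >= 2 && $2 != p { print $2 }' "$1"
}

# Exit status: 0 = only the proxy is configured, 1 = bypass entry or no
# resolver at all, 2 = file unreadable. Findings go to stderr.
resolv_conf_uses_only_proxy() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    if [ -z "$(list_nameservers "$1")" ]; then
        echo "$1: no nameserver lines" >&2
        return 1
    fi
    if [ -n "$(bypass_nameservers "$1")" ]; then
        echo "$1: resolvers that bypass dnsproxy:" >&2
        bypass_nameservers "$1" >&2
        return 1
    fi
    return 0
}

# Constructed sample: step 4 applied, but one older entry was left behind.
sample_leaky_conf() {
    printf '%s\n' '# constructed sample' 'nameserver 127.0.0.1' \
        'nameserver 192.0.2.53' '#nameserver 198.51.100.1' 'search example.net'
}
```

Run `resolv_conf_uses_only_proxy /etc/resolv.conf` again after a reboot or DHCP renewal, since network management tools can regenerate the file.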

Reference: https://dns.sb/guide/doh/linux/#_3-keep-dns-proxy-running-in-background
