Is there any public DNS server (except OpenDNS) that has a port open other than 53?

1

My ISP blocks a lot of stuff and it's a pain in the ass to set up DNSCrypt on every device (and not possible on some devices like Android without rooting).

So, I decided to migrate my router firmware to DD-WRT and am trying to force-redirect all requests from port 53 to a DNS server on a port other than that one. I found that OpenDNS is open on port 443 as well, but unblocking all sites is just impossible because of the shared IP system that changes every 1-3 minutes (OpenDNS needs to know your public IP address to apply the customization filter).

I've been hunting for 3 days straight to no avail. Do any of you guys know any DNS server that has a custom port (a port other than 53), from any country, as long as that server is on and open 24/7, or maybe a way to make iptables or dnsmasq use port 853?

N.B.: for some reason, using these commands:

iptables -t nat -I PREROUTING -p tcp --dport 53 -j DNAT --to 54.255.130.140:443
iptables -t nat -I PREROUTING -p udp --dport 53 -j DNAT --to 54.255.130.140:443 

aren't working for port 853. It seems like it has a different method of requesting DNS.

Kaze Nakazawa

Posted 2018-05-11T16:22:07.253

Reputation: 21

Question was closed 2018-05-11T20:36:57.770

Have you tried Cloudflare? 1.1.1.1, 1.0.0.1. They're running DNS over TLS on port 853.

– gronostaj – 2018-05-11T16:26:33.637

As I said in the question, for an unknown reason iptables can't access 853, and as far as I know DD-WRT doesn't have native DNS-over-TLS features. – Kaze Nakazawa – 2018-05-11T16:47:32.383

Try to word the commands like this : iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to $(nvram get lan_ipaddr) (same for tcp) to use the DNS servers configured on the router. – harrymc – 2018-05-11T16:59:36.007

@harrymc Did you mean using dnsmasq as the one that redirects it? – Kaze Nakazawa – 2018-05-11T17:05:20.683

@harrymc Is it correct if I set it up like this in the dnsmasq options? Additional DNSMasq Options

– Kaze Nakazawa – 2018-05-11T17:42:13.077

Note that 853 isn't DNS – it's DNS-over-TLS. You can't just DNAT it, you need a compatible client. – user1686 – 2018-05-11T17:59:56.180

@grawity Of course I know that, but it's worth a try, and that's also why the first question is "did any of you guys know any DNS server that has custom port" instead of the 853 port problem, because I got a feeling that the DNS request is encrypted or something. – Kaze Nakazawa – 2018-05-11T18:04:31.377

Although that doesn’t seem to be documented on the site, uncensoreddns.org accepts queries on port 5353 as well as 53. – Alex Shpilkin – 2018-11-01T17:39:04.080
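The comment above that port 853 carries DNS-over-TLS rather than plain DNS explains why the DNAT rules in the question cannot work toward 853. The following is an added example, not code from the original posts: the function names are illustrative, the ClientHello bytes are constructed, and the TLS check is a simplified model of what a DoT listener (RFC 7858, TCP port 853) does with the first bytes it receives.

```python
import struct

def build_query(name, txid=0x1234):
    """Plain DNS A query (RFC 1035), as a stub resolver sends it to port 53."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def tcp_frame(msg):
    """DNS over TCP (and inside a DoT session) adds a 2-byte length prefix."""
    return struct.pack("!H", len(msg)) + msg

def tls_record_header(data):
    """Return (content_type, length) if data starts like a TLS record, else None."""
    if len(data) < 5:
        return None
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype not in (20, 21, 22, 23) or major != 3 or minor > 4:
        return None
    if length > 2**14 + 2048:  # larger than any legal TLS record
        return None
    return ctype, length

def looks_like_tls_handshake(first_bytes):
    """Simplified listener model: first record must be a non-empty handshake (22)."""
    rec = tls_record_header(first_bytes)
    return rec is not None and rec[0] == 22 and rec[1] > 0

# Constructed sample: only the 5-byte record header of a TLS ClientHello.
CONSTRUCTED_CLIENT_HELLO = b"\x16\x03\x01" + struct.pack("!H", 200)

def compare():
    """What a DoT listener sees for each kind of traffic DNAT could deliver."""
    q = build_query("example.com")
    return {
        "plain query DNAT'd as-is": looks_like_tls_handshake(q),
        "plain query, TCP framing": looks_like_tls_handshake(tcp_frame(q)),
        # Even a transaction ID of 0x1603 fails: the low flags byte and the
        # high QDCOUNT byte land in the TLS length field and read as zero.
        "plain query, txid 0x1603": looks_like_tls_handshake(build_query("example.com", 0x1603)),
        "TLS ClientHello header": looks_like_tls_handshake(CONSTRUCTED_CLIENT_HELLO),
    }

if __name__ == "__main__":
    for case, ok in compare().items():
        print(f"{case:26} -> {'handshake can start' if ok else 'rejected'}")
```

DNAT rewrites only the destination address and port, so it is sufficient when the target resolver speaks plain DNS on another port, as with the port 443 and 5353 services mentioned on this page.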

Answers

1

I found the answer after stumbling upon this GitHub page: DNS that not using 53 port. I hope this little list can help others who got blocked by the ISP's transparent DNS.

Kaze Nakazawa

Posted 2018-05-11T16:22:07.253

Reputation: 21

N.B.: some of them are not online anymore, including the Google DNS with port 5353, but I got ones that are online, which are unlocator and unotelly, at the moment I post this answer. – Kaze Nakazawa – 2018-05-11T18:45:57.230