Using DNSCrypt Resolvers in Windows
This tutorial will guide you through the steps to set up DNSCrypt resolvers on a Windows machine.
Steps
Step 1: Download DNSCrypt Proxy
- Visit the DNSCrypt Proxy releases page on GitHub.
- Download the latest version of
dnscrypt-proxy-win64.zip
for 64-bit Windows ordnscrypt-proxy-win32.zip
for 32-bit Windows.
Step 2: Extract the Archive
- Right-click the downloaded ZIP file and select "Extract All..."
- Choose a destination folder and click "Extract".
Step 3: Configure DNSCrypt Proxy
- Navigate to the extracted folder.
- Open the
dnscrypt-proxy
folder. - Copy/rename
example-dnscrypt-proxy.toml
todnscrypt-proxy.toml
. - Edit the
dnscrypt-proxy.toml
file using a text editor (e.g., Notepad). - Search for
[sources]
in the file and add the following block:
### dnscry.pt servers - See https://www.dnscry.pt
[sources.dnscry-pt-resolvers]
urls = ["https://www.dnscry.pt/resolvers.md"]
minisign_key = "RWQM31Nwkqh01x88SvrBL8djp1NH56Rb4mKLHz16K7qsXgEomnDv6ziQ"
cache_file = "dnscry.pt-resolvers.md"
refresh_delay = 72
prefix = "dnscry.pt-"
- (optional) By default,
dnscrypt-proxy
will pick the servers with the lowest latency. You may configure theserver_names
parameter to specify the resolvers you want to use. For example:toml server_names = ['dnscry.pt-frankfurt02-ipv4', 'dnscry.pt-brussels-ipv6']
Step 4: Install DNSCrypt Proxy as a Service
- Open Command Prompt as Administrator:
- Press
Win + X
and select "Command Prompt (Admin)" or "Windows PowerShell (Admin)".
- Press
- Navigate to the
dnscrypt-proxy
directory:sh cd path\to\dnscrypt-proxy
- Install the DNSCrypt proxy service by running:
sh dnscrypt-proxy.exe --service install
- Start the DNSCrypt proxy service:
sh dnscrypt-proxy.exe --service start
Step 5: Configure Network Adapter
- Open the Control Panel and go to "Network and Sharing Center".
- Click on "Change adapter settings" on the left sidebar.
- Right-click your active network connection and select "Properties".
- Select "Internet Protocol Version 4 (TCP/IPv4)" and click "Properties".
- Check "Use the following DNS server addresses" and enter
127.0.0.1
for both the preferred and alternate DNS server. - Click "OK" to apply the changes.
Step 6: Verify DNSCrypt is Working
- Open Command Prompt and run:
sh nslookup -type=txt debug.opendns.com
- You should see a response that includes
dnscrypt
in the output, indicating that DNSCrypt is working correctly.
Troubleshooting
- If you encounter issues, check the
dnscrypt-proxy.log
file in thednscrypt-proxy
directory for error messages. - Ensure that no other DNS services are running on port 53, as this could interfere with DNSCrypt.