DNS over TLS (DoT)

All our DNS servers support encrypted DNS over TLS!

By using our dns servers with DNS over TLS, you will both block (malicious) ads and increase your privacy online!

By using conventional DNS over port 53, even if you are visiting a site using HTTPS, your DNS query is sent over an unencrypted connection. That means that even if you are browsing https://pi-dns.com/, anyone listening to packets on the network knows you are attempting to visit pi-dns.com.

The second problem with unencrypted DNS is that it is easy for a Man-In-The-Middle to change DNS answers to route unsuspecting visitors to their phishing, malware or surveillance site. DNSSEC solves this problem as well by providing a mechanism to check the validity of a DNS answer, but only a single-digit percentage of domains use DNSSEC.

To make the internet safer and to increase the privacy for our users, pi-dns offers DNS resolution over a TLS-encrypted endpoint.

DoT Endpoints

Each DNS server has an DoT endpoint at dot.$location.pi-dns.com that supports encrypted DNS over TLS on port 853. All DoT endpoints are listed below.

West Europe

TLS Auth Name: dot.westeu.pi-dns.com
IPv4: 31.220.42.65
IPv6: 2a01:6f0:ffff:49::abcd
Port: 853

North Europe

TLS Auth Name: dot.northeu.pi-dns.com
IPv4: 95.216.181.228
IPv6: 2a01:4f9:c01f:4::abcd
Port: 853

West USA

TLS Auth Name: dot.westus.pi-dns.com
IPv4: 45.67.219.208
IPv6: 2a04:bdc7:100:70::abcd
Port: 853

East USA

TLS Auth Name: dot.eastus.pi-dns.com
IPv4: 185.213.26.187
IPv6: 2a0d:5600:33:3::abcd
Port: 853

Questions? Help?

Do you have any questions? Is something not working as it should? Do you need help setting this up?

Contact us using our contact form here or even better, join our Telegram chat group here.

I’m always glad if I can help or if I get notified when something’s wrong!