DNS over TLS (DoT)
All our DNS servers support encrypted DNS over TLS!
By using our dns servers with DNS over TLS, you will both block (malicious) ads and increase your privacy online!
By using conventional DNS over port 53, even if you are visiting a site using HTTPS, your DNS query is sent over an unencrypted connection. That means that even if you are browsing https://pi-dns.com/, anyone listening to packets on the network knows you are attempting to visit pi-dns.com.
The second problem with unencrypted DNS is that it is easy for a Man-In-The-Middle to change DNS answers to route unsuspecting visitors to their phishing, malware or surveillance site. DNSSEC solves this problem as well by providing a mechanism to check the validity of a DNS answer, but only a single-digit percentage of domains use DNSSEC.
To make the internet safer and to increase the privacy for our users, pi-dns offers DNS resolution over a TLS-encrypted endpoint.
Each DNS server has an DoT endpoint at dot.$location.pi-dns.com that supports encrypted DNS over TLS on port 853. All DoT endpoints are listed below.
TLS Auth Name: dot.westeu.pi-dns.com IPv4: 22.214.171.124 IPv6: 2a01:6f0:ffff:49::abcd Port: 853
TLS Auth Name: dot.northeu.pi-dns.com IPv4: 126.96.36.199 IPv6: 2a01:4f9:c01f:4::abcd Port: 853
TLS Auth Name: dot.westus.pi-dns.com IPv4: 188.8.131.52 IPv6: 2a04:bdc7:100:70::abcd Port: 853
TLS Auth Name: dot.eastus.pi-dns.com IPv4: 184.108.40.206 IPv6: 2a0d:5600:33:3::abcd Port: 853