# What is DoT
DNS over TLS (DoT) is a security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. (Wikipedia (opens new window))
# Our DoT Servers
# Hostname for TLS Authentication
dot.sb
Note: The old hostname dns.sb
will be deprecated soon.
# TLS Port
853
# IPv4
185.222.222.222
45.11.45.11
Note: The old address 185.184.222.222
will be deprecated soon.
# IPv6
2a09::
2a11::
Note: The old address 2a09::1
will be deprecated soon. When using IPv6 address, you must use specific hostname dot.sb
# IPv6 with Full Address
2a09:0000:0000:0000:0000:0000:0000:0000
2a11:0000:0000:0000:0000:0000:0000:0000
No Logging, DNSSEC enabled
# SPKI Pin
efdp4GFB1+an2drZsUkcaMeZGQJcpHpzVBcVa9zgmGo=
# Example Configurations
# Unbound
unbound.conf (opens new window)