# What is DoT

DNS over TLS (DoT) is a security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. (Wikipedia (opens new window))

# Our DoT Servers

# Hostname for TLS Authentication

dot.sb

Note: The old hostname dns.sb will be deprecated soon.

# TLS Port

  • 853

# IPv4

  • 185.222.222.222
  • 45.11.45.11

Note: The old address 185.184.222.222 will be deprecated soon.

# IPv6

  • 2a09::
  • 2a11::

Note: The old address 2a09::1 will be deprecated soon. When using IPv6 address, you must use specific hostname dot.sb

# IPv6 with Full Address

  • 2a09:0000:0000:0000:0000:0000:0000:0000
  • 2a11:0000:0000:0000:0000:0000:0000:0000

No Logging, DNSSEC enabled

# SPKI Pin

efdp4GFB1+an2drZsUkcaMeZGQJcpHpzVBcVa9zgmGo=

# Example Configurations

# Unbound

unbound.conf (opens new window)

# How to set DNS.SB DoT Server