Host your DNS over HTTPS server just by running `./Arashi.Aoi --upstream 127.0.0.1`.
If you get `Permission denied`, run `chmod +x ./Arashi.Aoi` to grant execution permission.
Or use Docker: `docker run milkey/arashidns.aoi`
It is that easy. Use `--help` / `-?` to discover more parameters and get help information.
Parameter | Explanation | Example |
---|---|---|
`-?` / `--help` | Show help information | |
`-l` / `--listen` | Set the server listening address and port | 127.0.0.1:2020 |
`-u` / `--upstream` | Set the upstream origin DNS server IP address | 8.8.8.8 |
`-t` / `--timeout` | Set timeout for query to the upstream DNS server (ms) | 500 |
`-r` / `--retries` | Set number of retries for query to upstream DNS server | 5 |
`-p` / `--perfix` | Set your DNS over HTTPS server query prefix | "/dns-query" |
`-c` / `--cache` | Local query cache settings | full / flexible / none |
`--log` | Console log output settings | full / dns-query / none |
`--tcp` | Set enable upstream DNS query using TCP only | |
`--noecs` | Set force disable active EDNS Client Subnet | |
`-s` / `--https` | Set enable HTTPS (Self-Signed Certificate by default, Not Recommended) | |
`-pfx` / `--pfxfile` | Set your pfx certificate file path (with optional password) | "./cert.pfx" |
`-pass` / `--pfxpass` | Set your pfx certificate password | "passw0rd " |
`-pem` / `--pemfile` | Set your pem certificate file path | "./cert.pem" |
`-key` / `--keyfile` | Set your pem certificate key file path | "./cert.key" |
Usually you only need to set them when running in a container (such as Docker).
And generally only `ARASHI_VAR` and `PORT` need to be set.
Variables | Explanation | Example |
---|---|---|
`PORT` | Set the server listening port | 2020 |
`ARASHI_ANY` | Set the server listening any address | true |
`ARASHI_VAR` | Set start-up parameters (see above) | -u 127.0.0.1 -r 3 |
`ARASHI_RUNNING_IN_CONTAINER` | Manual setting is required only if the container is not identified | true |
- Just double-click it, or run `./Arashi.Aoi.exe` in Command Prompt or PowerShell, and click the Minimize button.
- Use nssm to register ArashiDNS.Aoi as a service. As a service, it will be restarted after an unexpected failure.
- Run `nohup ./Arashi.Aoi --upstream 127.0.0.1 &` or use `screen`. Despite being a dirty approach, it just works.
- Use supervisor, pm2, monit, gosuv, or systemd as a process daemon to keep ArashiDNS.Aoi running.
When the `ct` parameter is not `application/dns-message` and a valid `name` parameter is present, ArashiDNS.Aoi serves a protocol compatible with the Google JSON API for DNS over HTTPS (DoH). The parameters are the same, but `cd`, `do`, and `random_padding` are not implemented and will be ignored.
ArashiDNS.Aoi provides complete IETF DNS-over-HTTPS (RFC 8484) compatibility. The `GET` request needs to contain a valid `dns` parameter.
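The two request shapes described above, built client-side, as an added example that is not part of the ArashiDNS.Aoi code base. The endpoint assumes the example listen address and prefix from the parameter table with HTTPS off, the `type` parameter comes from Google's JSON API, and the function names are hypothetical.

```python
import base64
import struct
from urllib.parse import urlencode

# Assumed endpoint: the table's example listen address and prefix, HTTPS off.
BASE = "http://127.0.0.1:2020/dns-query"
QTYPES = {"A": 1, "AAAA": 28}  # record types used in this example


def build_query(name: str, qtype: str = "A") -> bytes:
    """Encode a one-question DNS query in wire format (RFC 1035)."""
    # ID=0 (RFC 8484 suggests 0 so HTTP caches can reuse answers),
    # flags=0x0100 (recursion desired), QDCOUNT=1, remaining counts 0.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label in {name!r}")
        qname += bytes([len(raw)]) + raw
    qname += b"\x00"  # root label terminates the name
    if len(qname) > 255:
        raise ValueError("name too long")
    return header + qname + struct.pack("!HH", QTYPES[qtype], 1)  # class IN


def rfc8484_get_url(name: str, qtype: str = "A", base: str = BASE) -> str:
    """RFC 8484 GET: `dns` is the base64url message with padding removed."""
    encoded = base64.urlsafe_b64encode(build_query(name, qtype))
    return base + "?dns=" + encoded.rstrip(b"=").decode("ascii")


def json_api_url(name: str, qtype: str = "A", base: str = BASE) -> str:
    """JSON-style request: a `name` parameter and no `dns` parameter."""
    return base + "?" + urlencode({"name": name, "type": qtype})


def decode_dns_param(value: str) -> bytes:
    """Receiver side: restore the stripped padding, then decode."""
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))


if __name__ == "__main__":
    print(rfc8484_get_url("www.example.com"))
    print(json_api_url("example.com", "AAAA"))
```

The first printed URL carries the same `dns` value as the GET example in RFC 8484, which makes it a convenient known-good input when checking a deployment.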
Full IPv6 support is available, but in many cases IPv4 is still preferred. You may need to force `AAAA` lookups or IPv6 server listening addresses.
EDNS-Client-Subnet is enabled by default. Your upstream origin DNS server also needs to support EDNS-Client-Subnet for it to work. If your server is hosted in ECS or behind a CDN, the request needs to include `X-Forwarded-For` or `X-Real-IP`.
If you wish to disable it, please enter EDNS-Client-Subnet IP `0.0.0.0` in your client.
- As a beginner, I seek your kind understanding of the issues in the project.
- If you have bug reports or feature requests, please feel free to send issues.
- PRs of new feature implementations or bug fixes are greatly appreciated.
- I am not a native English speaker, so please forgive my typos and grammatical errors. Communication in Chinese is preferred if possible.
ReSharper is a really amazing tool that made my development several times more efficient.
Thanks to JetBrains for providing the ReSharper open source license for this project.
ArashiDNS was born out of open source software and the people who support it.
Check out Credits for a list of our collaborators and other open source software used.
Copyright (c) 2020 Milkey Tan. Code released under the Mozilla Public License 2.0.