etc/stubby.yml
# note this is only an alternate upstream server list for now (this is only
# a fragment, not a complete config)
# also note this goes under the section named upstream_recursive_servers:
# see https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
# https://pi-dns.com/
- address_data: 2a04:bdc7:100:70::abcd
tls_auth_name: "dot.westus.pi-dns.com"
- address_data: 2a0d:5600:33:3::abcd
tls_auth_name: "dot.eastus.pi-dns.com"
- address_data: 45.67.219.208
tls_auth_name: "dot.westus.pi-dns.com"
- address_data: 185.213.26.187
tls_auth_name: "dot.eastus.pi-dns.com"
# NixNet DNS no logging, no filtering, optional adblock
# https://nixnet.xyz/dns/
- address_data: 2605:6400:20:e6d::1
tls_auth_name: "uncensored.lv1.dns.nixnet.xyz"
- address_data: 209.141.34.95
tls_auth_name: "uncensored.lv1.dns.nixnet.xyz"
- address_data: 2605:6400:10:80e::1
tls_auth_name: "uncensored.ny1.dns.nixnet.xyz"
- address_data: 199.195.251.84
tls_auth_name: "uncensored.ny1.dns.nixnet.xyz"
# backup TLS servers that also listen on 443
# https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers#
# various - no logging
- address_data: 37.252.185.232
tls_auth_name: "dot1.appliedprivacy.net"
tls_port: 443
- address_data: 2a00:63c1:a:229::3
tls_auth_name: "dot1.appliedprivacy.net"
tls_port: 443
- address_data: 145.100.185.16
tls_auth_name: "dnsovertls1.sinodun.com"
tls_port: 443
- address_data: 2001:610:1:40ba:145:100:185:16
tls_auth_name: "dnsovertls1.sinodun.com"
tls_port: 443
- address_data: 89.234.186.112
tls_auth_name: "dns.neutopia.org"
tls_port: 443
- address_data: 2a00:5884:8209::2
tls_auth_name: "dns.neutopia.org"
tls_port: 443