dnscrypt.ca ... Free, Canadian, uncensored, no-logs, encrypted, and DNSSEC validated DNS service for your pleasure.

Status

Last check: 2019-10-14 at 10:00 Eastern time. Server names shown in green are currently up, server names shown in red are currently down. The script only checks IPv4, so if you think any or all of the servers are experiencing problems, feel free to contact me to let me know.

dnscrypt.ca-1 dnscrypt.ca-2
IP & Port: 192.99.183.132:443 IP & Port: 149.56.228.45:443
Provider Name: 2.dnscrypt-cert.dnscrypt.ca-1 Provider Name: 2.dnscrypt-cert.dnscrypt.ca-2
Provider Key: Hover to see Provider Key: Hover to see

dnscrypt.ca-1-ipv6 dnscrypt.ca-2-ipv6
IP & Port: [2607:5300:60:4aa8::600]:443 IP & Port: [2607:5300:120:b9b::200]:443
Provider Name: 2.dnscrypt-cert.dnscrypt.ca-1-ipv6 Provider Name: 2.dnscrypt-cert.dnscrypt.ca-2-ipv6
Provider Key: Hover to see Provider Key: Hover to see

Me

I have no corporate affiliation, and I have nothing to do with the development of dnscrypt or Unbound. I am just some retired infrastructure guy who has strong opinions about privacy and security. I use these dnscrypt'ed servers for my own name resolution, there is no compensation for the time spent managing the servers, and my costs are partially covered by donations from users like you.

Servers

The dnscrypt.ca servers are Virtual Private Servers I rent from ULayer.net. Each server has an IPv4 address and an IPv6 address. On each address I run dnscrypt-wrapper which allows you to connect with a DNSCrypt proxy application. The wrapper simply forwards the requests locally to Unbound, which does the actual work of resolving names in to IP addresses.

Both servers are in Montreal, both support DNSSEC (a feature of DNS that ensures you are getting the correct answers to your queries), both are uncensored, and these servers record no query logs. Unbound has some built in metrics that allow me to see that lately [as of 2019-08-19] the servers are doing about 2 million queries per day, but that is all I know. There is no record of who connects to these servers, or what names they resolve to IP addresses.

DNS

Pretty much all the things you do with your Internet-connected device require a DNS lookup [or many lookups] to function. DNS turns names like dnscrypt.ca in to IP addresses like 69.165.220.221. Unfortunately, DNS is almost always unencrypted. As a result, it might be possible for someone to know what DNS names you are requesting, and ultimately what services you are using (even if you are connecting to an encrypted service). DNSCrypt is a way to encrypt your DNS queries, hiding them from prying eyes.