dnscrypt.ca ... Free, Canadian, uncensored, no-logs, encrypted, and DNSSEC validated DNS service for your pleasure.


Server #1
IPv4 provider-name 2.dnscrypt-cert.dnscrypt.ca-1
IPv4 fingerprint 1A53:A3C9:5078:9CBD:D10B:1933:A468:9B6C:846A:40F1:B73D:1752:AECA:C982:9ECB:7CE2
IPv6 [2607:5300:61:95f:7283:11d9:0f86:e689]
IPv6 provider-name 2.dnscrypt-cert.dnscrypt.ca-1-ipv6
IPv6 fingerprint 20D9:19D4:EC3C:5008:CDC7:0A51:EA2B:4FCB:FE8A:993C:6431:D0EC:681D:5EA7:3845:AB80
DoH URL https://dns1.dnscrypt.ca:453/dns-query
Server #2
IPv4 provider-name 2.dnscrypt-cert.dnscrypt.ca-2
IPv4 fingerprint 0108:54AB:3B56:A7EE:F9D3:9158:FEF6:820B:FF93:A235:7C89:1608:DB9E:15D3:BBE0:1185
IPv6 [2607:5300:60:652f::200]
IPv6 provider-name 2.dnscrypt-cert.dnscrypt.ca-2-ipv6
IPv6 fingerprint 987C:70A8:97DB:DA15:1A34:AD4B:55EA:800E:F561:CC04:AAD5:C57D:D2C3:D861:FC17:F429
DoH URL https://dns2.dnscrypt.ca:453/dns-query

Last check: 2020-10-22 at 20:15 Eastern time. Server names shown in green are currently up, server names shown in red are currently down. The script only checks IPv4, so if you think any or all of the servers are experiencing problems, feel free to contact me to let me know. DNSCrypt services are provided on port 443 with dnscrypt-wrapper and DoH services are provided on port 453 with routedns.


I have no corporate affiliation, and I have nothing to do with the development of DNSCrypt, RouteDNS, or Unbound. I am just some retired infrastructure guy who has strong opinions about privacy and security. I use these dnscrypt'ed servers for my own name resolution, there is no compensation for the time spent managing the servers, and my costs are partially covered by donations from users like you.


The dnscrypt.ca servers are Virtual Private Servers I rent from ULayer.net. Each server has an IPv4 address and an IPv6 address. On each server I run Unbound which receives DNS queries and looks up the IP addresses for them. The dnscrypt-wrapper and RouteDNS services allow you to connect with an appropriate client application which will forward your queries to the local Unbound service.

Both servers are in Montreal, both support DNSSEC (a feature of DNS that ensures you are getting the correct answers to your queries), both are uncensored, and these servers record no query logs. Unbound has some built in metrics that allow me to see that lately [as of 2020-04-19] the servers are doing about 5.2 million queries per day with about a 53% cache hit rate, but that is all I know. There is no record of who connects to these servers, or what names they resolve to IP addresses.


Pretty much everything you do with your Internet-connected device require a DNS lookup [or many lookups] to function. DNS turns names like dnscrypt.ca in to IP addresses like Unfortunately, DNS is almost always unencrypted. As a result, it might be possible for someone to know what DNS names you are requesting, and ultimately what services you are using (even if you are connecting to an encrypted service). DNSCrypt is a way to encrypt your DNS queries, hiding them from prying eyes.