dnscrypt.ca ... Free, Canadian, uncensored, no-logs, encrypted, and DNSSEC validated DNS service for your pleasure.

Status

Server #1 Server #2
dnscrypt.ca-1 dnscrypt.ca-2
dnscrypt.ca-1-doh dnscrypt.ca-2-doh
dnscrypt.ca-1-ipv6 dnscrypt.ca-2-ipv6
dnscrypt.ca-1-doh-ipv6 dnscrypt.ca-2-doh-ipv6

Last check: 2022-12-05 at 20:30 Eastern time. Service names shown in green are currently up, service names shown in red are currently down. The script only checks every 15 minutes but if you think any or all of the servers are experiencing problems, feel free to contact me to let me know. DNSCrypt services are provided on port 443 with dnscrypt-wrapper and DoH services are provided on port 453 with m13253 and nginx.

The Servers

The dnscrypt.ca servers are Virtual Private Servers I rent from ULayer.net. The servers went public in September of 2017, and each server has an IPv4 address and an IPv6 address. On each server I run Unbound which receives DNS queries and looks up the IP addresses for them. The encrypted listener services allow you to connect with an appropriate client application which will forward your queries to the local Unbound service. Both servers are in Montreal, both support DNSSEC (a feature of DNS that ensures you are getting the correct answers to your queries), both are uncensored, and these servers record no query logs. Unbound has some built in metrics that allow me to see that lately [as of 2022-11-23] the servers are doing about 11.6 million queries per day (that's about 135 queries per second), but that is all I know. There is no record of who connects to these servers, or what names they resolve to IP addresses.

Server #1 Server #2
DNS Name dns1.dnscrypt.ca dns2.dnscrypt.ca
IPv6 Specific DNS Name dns1.ipv6.dnscrypt.ca dns2.ipv6.dnscrypt.ca
IPv4 Address 167.114.220.125 149.56.228.45
IPv6 Address 2607:5300:61:95f:7283:11d9:f86:e689 2607:5300:61:95f:7283:11d9:f86:e690
DNSCrypt Provider Name 2.dnscrypt-cert.dnscrypt.ca-1 2.dnscrypt-cert.dnscrypt.ca-2
DNSCrypt Port Number 443 443
DoH Port Number 453 453
DoH SNI + path https://dns1.dnscrypt.ca:453/dns-query https://dns2.dnscrypt.ca:453/dns-query
DNSSEC Yes Yes
Logging No No
Filtering/Censoring No No

Me

I have no corporate affiliation, and I have nothing to do with the development of DNSCrypt, m13253, nginx, or Unbound. I am just some retired infrastructure guy who has strong opinions about privacy and security. I use these dnscrypt'ed servers for my own name resolution, I receive no compensation for the time spent managing the servers, and my costs are partially covered[1] by donations from users like you.

DNS

Pretty much everything you do with your Internet-connected device requires a DNS lookup [or many lookups] to function. DNS turns names like dnscrypt.ca in to IP addresses like 69.165.220.221. Unfortunately, DNS is almost always unencrypted. As a result, it might be possible for someone to know what DNS names you are requesting, or in some cases provide intentionally incorrect replies to your DNS queries. DNSCrypt is a way to encrypt your DNS queries, hiding them from prying eyes and fingers.

[1] To date there has been a single donation of CAD$20 back in 2019.