Created a PowerShell Module for Serverless-dns for Windows 11 #116
HotCakeX started this conversation in Show and tell
-
This looks great! Thanks 👍 I'll add it to the project's readme in the coming day or so. If I may, why query every 5 mins? Sounds a bit drastic? Once every 2h sounds okay too; or, perhaps, this time period could be configurable?
-
Hello, I created a PowerShell Module for Serverless-dns for Windows 11
I personally use it and battle tested it to make sure it works in almost any condition. You could pin this or something so Windows users visiting this repository will be able to find it and use self-hosted serverless-dns easily and handle the dynamic IP address situation (which is fundamentally a good thing), but it's up to you, please let me know what you think.
WinSecureDNSMgr module
Quick, proper and automatic way to configure Secure DNS in Windows with multiple available operation modes
Operation modes
DNS over HTTPS in Windows using the default built-in OS DoH providers
This is the default mode of operation for this module. It will set up DNS over HTTPS in Windows using the default built-in OS DoH providers, which are Cloudflare, Quad9 and Google.
In this mode of operation, the active network adapter/interface will be detected automatically but you will have the option to review it and choose a different one if you like.
DNS over HTTPS in Windows using a custom DoH provider that has static IP address(s)
This mode of operation is useful when you want to use a custom DoH provider that has static IP address(s). You can supply the module with a DoH template and then you have 2 options
In this mode of operation, the active network adapter/interface will be detected automatically but you will have the option to review it and choose a different one if you like.
DNS over HTTPS in Windows using a custom DoH provider that has dynamic IP address(s)
This mode of operation is useful when you want to use a custom DoH provider that has dynamic IP address(s).
Once you run the module in this mode for the first time and supply it with your DoH template, it will create a scheduled task that will run the module automatically based on 2 distinct criteria:
As soon as Windows detects the current DNS servers are unreachable
Every 6 hours in order to check for new IP changes for the dynamic DoH server
The module and the scheduled task will use both IPv4s and IPv6s of the dynamic DoH server. The task will run whether or not any user is logged on.
In this mode of operation, the active network adapter/interface will be detected automatically.
About The Module
This is a PowerShell module that can simplify setting up DNS over HTTPS in Windows for various scenarios mentioned in the Operation modes section.
It can automatically identify the correct and active network adapter/interface and set Secure DNS settings for it based on parameters supplied by user.
That means it will detect the correct network adapter/interface even if you are using:
Features
Strongest possible End-to-End encrypted workflow
Created, targeted and tested on the latest version of Windows, on physical hardware and Virtual Machines
To make sure the module will always be able to acquire the IP address(s) of the DoH server, especially in case of dynamic DoH server when the currently set system IPv4s and IPv6s might be outdated, the module performs DNS queries in this exact order:
First tries using Cloudflare's main encrypted API to get the IP address(s) of the DoH server's domain.
If 1st one fails, tries using the Cloudflare's secondary encrypted API to get the IP address(s) of the DoH server's domain.
If 2nd one fails, tries using Google's main encrypted API to get the IP address(s) of the DoH server's domain.
If 3rd one fails, tries using Google's secondary encrypted API to get the IP address(s) of the DoH server's domain.
All of the connections to Cloudflare and Google servers use direct IP, are set to use TLS 1.3 with TLS_CHACHA20_POLY1305_SHA256 cipher suite and use HTTP/2
Recommended setup
Use Cloudflare DNS over HTTPS which is a built-in DoH provider in Windows, it's the safest, fastest and most reliable.
If you can't use publicly known DNS over HTTPS providers for any reason, you can create your own DoH server and domain for free using a serverless Secure DNS and freenom. They are more stealthy, hard or costly for ISPs, governments etc. to detect or block.
Prerequisites
The latest stable version of PowerShell
Winget install Microsoft.PowerShell
Latest version of Windows
If planning to use the module in dynamic DoH mode and it's the first time installing PowerShell on your machine, restart your computer after installation so task scheduler will recognize pwsh.exe required for running this module.
Installation
Install from PowerShell Gallery
If you already have the module installed, make sure it's up-to-date
Usage
Built-in DoH examples
Custom DoH examples
Dynamic DoH examples
Upcoming features
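The ordered, encrypted-only lookup described under Features, sketched as an added PowerShell 7 example; it is not part of the original post or the WinSecureDNSMgr module's own code. The function names, the `doh.example.net` domain and the injectable `-Query` parameter are hypothetical, the resolver addresses are the providers' public JSON DoH endpoints, and pinning the cipher suite is not shown.

```powershell
# Added example: try each encrypted resolver by IP, in the order the post lists them.
# Function names and the -Query hook are hypothetical, not the module's API.
$Resolvers = @(
    @{ Name = 'Cloudflare main';      Uri = 'https://1.1.1.1/dns-query' }
    @{ Name = 'Cloudflare secondary'; Uri = 'https://1.0.0.1/dns-query' }
    @{ Name = 'Google main';          Uri = 'https://8.8.8.8/resolve' }
    @{ Name = 'Google secondary';     Uri = 'https://8.8.4.4/resolve' }
)

function ConvertFrom-DohAnswer {
    # Keep only answers of the requested type (A = 1, AAAA = 28) that parse as IP addresses.
    param($Response, [int] $Type)
    if ($Response.Status -ne 0 -or -not $Response.Answer) { return @() }
    @($Response.Answer | Where-Object { $_.type -eq $Type -and ($_.data -as [ipaddress]) } | ForEach-Object { $_.data })
}

function Resolve-DohServerAddress {
    param(
        [Parameter(Mandatory)] [string] $Domain,
        # Injectable so the chain can be exercised offline; the default sends the real request.
        [scriptblock] $Query = {
            param($Uri, $Name, $Type)
            Invoke-RestMethod -Uri "${Uri}?name=$Name&type=$Type" -TimeoutSec 5 `
                -Headers @{ accept = 'application/dns-json' } -SslProtocol Tls13 -HttpVersion '2.0'
        }
    )
    foreach ($r in $Resolvers) {
        try {
            $v4 = @(ConvertFrom-DohAnswer -Response (& $Query $r.Uri $Domain 'A') -Type 1)
            $v6 = @(ConvertFrom-DohAnswer -Response (& $Query $r.Uri $Domain 'AAAA') -Type 28)
            if ($v4.Count + $v6.Count -gt 0) {
                return [pscustomobject]@{ Resolver = $r.Name; IPv4 = $v4; IPv6 = $v6 }
            }
        } catch {
            Write-Verbose "$($r.Name) failed: $($_.Exception.Message)"
        }
    }
    # Fail closed: do not fall back to the system's (possibly plaintext or stale) resolver.
    throw "No encrypted resolver returned an address for $Domain"
}

# Constructed offline demo: the first resolver "times out", the next one answers
# with documentation-range addresses (192.0.2.0/24, 2001:db8::/32).
$fake = {
    param($Uri, $Name, $Type)
    if ($Uri -like '*1.1.1.1*') { throw 'simulated timeout' }
    $t, $data = if ($Type -eq 'A') { 1, '192.0.2.10' } else { 28, '2001:db8::10' }
    [pscustomobject]@{ Status = 0; Answer = @([pscustomobject]@{ name = $Name; type = $t; data = $data }) }
}
Resolve-DohServerAddress -Domain 'doh.example.net' -Query $fake
```

With the constructed responder the result names "Cloudflare secondary" as the resolver that answered; omit `-Query` to send the real requests.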