How to install DNS over HTTPS Cloudflare client in Ubuntu

In today's world, information / data is the new gold: everyone is trying to mine data and produce targeted business solutions / advertising for ordinary people. Privacy is diminishing day by day, and many websites use complex analytics every day to mine data from users. To protect yourself from one such form of data mining, by your ISP, you can use a DNS over HTTPS (DoH) service, which encrypts your DNS queries so that your ISP cannot read the websites you look up from them.

Cloudflare offers a free DNS over HTTPS (DoH) client called cloudflared / Argo Tunnel, which you can use to connect to 1.1.1.1 in order to protect your DNS queries from privacy intrusions and tampering.

  • Download Argo tunnel from this website, available for Linux, Windows and Mac systems.

You can verify that cloudflared / Argo Tunnel was installed successfully in a terminal / command prompt:

$ cloudflared version
output: cloudflared version xxxx.xx.xx


Start the DNS proxy on an address and port in your network. If you don’t specify an address and port, it will start listening on localhost:53. DNS (53) is a privileged port, so you need to run the daemon as a privileged user in order to be able to bind to it.


$ sudo cloudflared proxy-dns
output: INFO[0000] Adding DNS upstream url="https://cloudflare-dns.com/dns-query"
INFO[0000] Starting metrics server addr="127.0.0.1:49312"
INFO[0000] Starting DNS over HTTPS proxy server addr="dns://localhost:53"



Set up cloudflared as a service so it starts on user login. You can use numeric addresses to avoid a circular dependency on the system resolver. First, generate a configuration file:

$ sudo mkdir /usr/local/etc/cloudflared
$ cd /usr/local/etc/cloudflared
$ sudo gedit config.yml


Copy the following configuration into the file, then save and close it:

proxy-dns: true
proxy-dns-upstream:
 - https://1.1.1.1/dns-query
 - https://1.0.0.1/dns-query

Verify:

$ cat config.yml
output:
proxy-dns: true
proxy-dns-upstream:
 - https://1.1.1.1/dns-query
 - https://1.0.0.1/dns-query

Now install cloudflared as a service so it starts on user login:

$ sudo cloudflared service install
INFO[0000] Applied configuration from /usr/local/etc/cloudflared/config.yml
INFO[0000] Installing Argo Tunnel as an user launch agent
INFO[0000] Outputs are logged in /tmp/com.cloudflare.cloudflared.out.log and /tmp/com.cloudflare.cloudflared.err.log

Verify that it’s running, then switch your DNS servers to 127.0.0.1:

$ dig +short @127.0.0.1 cloudflare.com AAAA
2400:cb00:2048:1::c629:d6a2
2400:cb00:2048:1::c629:d7a2
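
As an added check (not part of the original post or of Cloudflare's documentation), the script below audits the two files this setup relies on: it lists any proxy-dns-upstream entry that uses a hostname instead of a numeric address, and any nameserver in a resolv.conf-style file other than 127.0.0.1. The function names and the sample files are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example, not from the original article. Sample files are constructed.

# Print each proxy-dns-upstream URL whose host is a name, not an IP literal:
# cloudflared needs the system resolver to look it up (circular dependency).
hostname_upstreams() {
  awk '
    /^proxy-dns-upstream:/ { in_list = 1; next }
    in_list && /^[ \t]*-[ \t]*/ {
      url = $0
      sub(/^[ \t]*-[ \t]*/, "", url)
      host = url
      sub("^https://", "", host)
      if (host ~ /^\[/) next              # bracketed IPv6 literal
      sub("[/:].*$", "", host)            # drop port and path
      if (host !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print url
      next
    }
    /^[^ \t#]/ { in_list = 0 }            # next top-level key ends the list
  ' "$1"
}

# Print each nameserver that is not 127.0.0.1; queries sent to any of
# these never reach the local cloudflared proxy.
bypassing_nameservers() {
  awk '$1 == "nameserver" && $2 != "127.0.0.1" { print $2 }' "$1"
}

# Usage: audit_doh_setup CONFIG_YML RESOLV_CONF ; returns 0 only if both are clean.
audit_doh_setup() {
  rc=0
  bad_up=$(hostname_upstreams "$1")
  bad_ns=$(bypassing_nameservers "$2")
  if [ -n "$bad_up" ]; then echo "upstream depends on system resolver: $bad_up"; rc=1; fi
  if [ -n "$bad_ns" ]; then echo "nameserver bypasses cloudflared: $bad_ns"; rc=1; fi
  return "$rc"
}

# Constructed input: one hostname upstream, resolv.conf not on 127.0.0.1.
demo_dir=$(mktemp -d)
cat > "$demo_dir/config.yml" <<'EOF'
proxy-dns: true
proxy-dns-upstream:
 - https://1.1.1.1/dns-query
 - https://cloudflare-dns.com/dns-query
EOF
printf 'nameserver 127.0.0.53\noptions edns0\n' > "$demo_dir/resolv.conf"
audit_doh_setup "$demo_dir/config.yml" "$demo_dir/resolv.conf" || echo "setup needs attention"
```

On a real system, call audit_doh_setup /usr/local/etc/cloudflared/config.yml /etc/resolv.conf after switching your DNS servers.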

source - https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/