How to make a private DNS server?

Z

Zempik2019-09-06 10:48:08

linux

Zempik, 2019-09-06 10:48:08

Good day! There is a VPS with a DNS server (Pi-Hole ad blocker).
How can I make dns private so that you can't just connect to it via ip ?
I tried using openvpn, but so far vpn is not needed.
Thank you!

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

R

rPman, 2019-09-06
@rPman

If you cannot block access by ip address (since your home computer has a dynamic ip address?), then adequate isolation is possible only with vpn or a proxy server (look for the setting in the browser - proxy dns requests).
Why do you need to hide dns?

M

marataziat, 2019-09-06
@marataziat

Everything is very simple, through iptables, prohibit connections to your DNS server from outside, and allow only local ones! Then through https://habr.com/en/post/81607/ make a tunnel

We build a tunnel from the world to the network.

this is a full-fledged VPN and if you use public / private key authorization, then the protection will be no worse than that of openvpn!

P

Puma Thailand, 2019-09-07
@opium

Firewall restrict access

E

Evgeniy Ivanov, 2019-09-07
@cpanelhostig

Bind in the settings allows you to configure which ip to give answers.

I

Ilya Evseev, 2019-09-11
@IlyaEvseev

knockd + iptables.
By default, calls to 53/udp are closed, opened for the IP of the client that called the knock.
SSH setup example:
https://www.the-art-of-web.com/system/port-knockin...