Simple DNS over HTTPS Server
Host your DNS over HTTPS Server just by running ./Arashi.Aoi --upstream 127.0.0.1.
If you get Permission denied, run chmod +x ./Arashi.Aoi to grant execution permission.
OR using Docker. docker run -d -p 2020:2020 ghcr.io/mili-tan/arashidns.aoi --upstream 8.8.8.8
It is that easy. Use --help / -? to discover more parameters and get help information.
wget https://t.mili.one/arashia-linux-x64 -O /usr/bin/arashiawget https://t.mili.one/arashia.service -O /etc/systemd/system/arashia@.servicechmod +x /usr/bin/arashiasystemctl enable arashia@1.0.0.1 --now
| Parameter | Explanation | Example |
|---|---|---|
-? / --help |
Show help information | |
-l / --listen |
Set the server listening address and port | 127.0.0.1:2020 |
-u / --upstream |
Set the upstream origin DNS server IP address | 8.8.8.8 |
-t / --timeout |
Set timeout for query to the upstream DNS server (ms) | 500 |
-r / --retries |
Set number of retries for query to upstream DNS server | 5 |
-p / --perfix |
Set your DNS over HTTPS server query prefix | “/dns-query” |
-c / --cache |
Local query cache settings | full / flexible / none |
--log |
Console log output settings | full / dns-query / none |
--tcp |
Set enable upstream DNS query using TCP only | |
--noecs |
Set force disable active EDNS Client Subnet | |
-s / --https |
Set enable HTTPS (Self-Signed Certificate by default, Not Recommended) | |
-pfx / --pfxfile |
Set your pfx certificate file path (with optional password) | “./cert.pfx” |
-pass / --pfxpass |
Set your pfx certificate password | “passw0rd “ |
-pem / --pemfile |
Set your pem certificate file path | “./cert.pem” |
-key / --keyfile |
Set your pem certificate key file path | “./cert.key” |
Usually you only need to set them when running in a container (such as Docker).
And generally only ARASHI_VAR and PORT need to be set.
| Variables | Explanation | Example |
|---|---|---|
PORT |
Set the server listening port | 2020 |
ARASHI_ANY |
Set the server listening any address | true |
ARASHI_VAR |
Set start-up parameters (see above) | -u 127.0.0.1 -r 3 |
ARASHI_RUNNING_IN_CONTAINER |
Manual setting is required only if the container is not identified | true |
./Arashi.Aoi.exe in Command Prompt or Powershell, and click the Minimize button.nohup ./Arashi.Aoi --upstream 127.0.0.1 & or use screen. Despite being a dirty approach, it just works.When the ct parameter’s application is not dns-message , and with a valid name parameter. ArashiDNS.Aoi provides Google JSON API for DNS over HTTPS (DoH) compatible protocol. Parameters are the same, but cd , do , random_padding are not implemented, they will be ignored.
ArashiDNS.Aoi provides complete IETF DNS-over-HTTPS (RFC 8484) Compatibility. The GET request needs to contain valid dns parameters.
Full IPv6 support is available, but in many cases IPv4 is still preferred. You may need to force AAAA lookups or ipv6 server listening addresses.
EDNS-Client-Subnet is enabled by default. Your upstream origin DNS server also needs to support EDNS-Client-Subnet for it to work. If your server is hosted in ECS or behind CDN, The request need to include X-Forwarded-For or X-Real-IP.
If you wish to disable it, please enter EDNS-Client-Subnet IP 0.0.0.0 in your client.
ReSharper is a really amazing tool that made my development several times more efficient.
Thanks to JetBrains for providing the ReSharper open source license for this project.
ArashiDNS was born out of open source softwares and the people who support it.
Check out Credits for a list of our collaborators and other open source softwares used.
Copyright (c) 2020 Milkey Tan. Code released under the Mozilla Public License 2.0.
ArashiDNS™ is a trademark of Milkey Tan.