LoNET DNS Server with ads + malware filter and free dynamic DNS beta

Features

Filtering ads, malware and tracking
No client request logging
No EDNS Client-Subnet
DNSSEC validation processing
CNAME cloaking prevention

Dynamic DNS service included
Free for private use after registration
PCI DSS / HIPA / NIST compliant encryption
TLS OCSP stapling and 0-rtt support
Average 30d service uptime: 100.000%

Announcements

· 2021/Oct/01 ‐ Fixed Let's Encrypt outdated cross-signed certificates by removing the obsolete trust anchor.
· 2021/May/03 ‐ Changed server locations and IP addresses of phdns2 and phdns3. Old IPs will go offline soon.
· 2021/Apr/29 ‐ Added new server phdns5.lonet.org located in Great Britain, Great Britain.
· 2021/Apr/27 ‐ Added new server phdns4.lonet.org located in Spain, Spain.
· 2020/Nov/08 ‐ Added round-robin DNS dot.dns.lonet.org for DNS-over-TLS service including both servers located in germany.
· 2020/Nov/07 ‐ Official start of dns.lonet.org public beta test offering DoH, DoT and DNScrypt services.

Disclaimer

Use of this service is at your own risk. Under no circumstances will the operator be held responsible or liable in any way for any claims, damages, losses, expenses, costs or liabilities whatsoever (including, without limitation, any direct or indirect damages for loss of profits, business interruption or loss of information) resulting or arising directly or indirectly from accessing or otherwise using this service. The operator does not guarantee in any way the access, availability and continuity of the functioning of this service. By using this website and service you consent to the disclaimer and agree to its terms and conditions. By using Cloudflare this website stores a cookie, created and evaluated by Cloudflare. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.

Service list

Service	IPv4	IPv6	Port	Location	Access	Remarks
DNS	185.183.156.85	2a03:4000:1d:998:10::	53	Germany	restricted	Please register to get access.
DNS	217.160.191.192	2001:8d8:1801:305::1	53	Germany	restricted	Please register to get access.
DNS	74.208.85.60	2607:f1c0:1800:1e3::1	53	USA	restricted	Please register to get access.
DNS	82.223.114.172	2001:ba0:1800:8153::1	53	Spain	restricted	Please register to get access.
DNS	77.68.116.22	2a00:da00:1800:5a::1	53	Great Britain	restricted	Please register to get access.
DNS-over-HTTPS	https://doh.phdns1.lonet.org/dns-query		443	Germany	open	Strict TLS SNI only
DNS-over-HTTPS	https://doh.phdns2.lonet.org/dns-query		443	Germany	open	Strict TLS SNI only
DNS-over-HTTPS	https://doh.phdns3.lonet.org/dns-query		443	USA	open	Strict TLS SNI only
DNS-over-HTTPS	https://doh.phdns4.lonet.org/dns-query		443	Spain	open	Strict TLS SNI only
DNS-over-HTTPS	https://doh.phdns5.lonet.org/dns-query		443	Great Britain	open	Strict TLS SNI only
DNS-over-TLS	185.183.156.85	2a03:4000:1d:998:10::	853	Germany	open	TLS hostname: phdns1.lonet.org
DNS-over-TLS	217.160.191.192	2001:8d8:1801:305::1	853	Germany	open	TLS hostname: phdns2.lonet.org
DNS-over-TLS	74.208.85.60	2607:f1c0:1800:1e3::1	853	USA	open	TLS hostname: phdns3.lonet.org
DNS-over-TLS	82.223.114.172	2001:ba0:1800:8153::1	853	Spain	open	TLS hostname: phdns4.lonet.org
DNS-over-TLS	77.68.116.22	2a00:da00:1800:5a::1	853	Great Britain	open	TLS hostname: phdns5.lonet.org
DNScrypt	185.183.156.85	2a03:4000:1d:998:10::	8443	Germany	open	sdns://AQMAAAAAAAAADjE4NS4xODMuMTU2Ljg1ABBwaGRuczEubG9uZXQub3Jn
DNScrypt	217.160.191.192	2001:8d8:1801:305::1	8443	Germany	open	sdns://AQMAAAAAAAAACzUwLjcuMTI0LjI0ABBwaGRuczIubG9uZXQub3Jn
DNScrypt	74.208.85.60	2607:f1c0:1800:1e3::1	8443	USA	open	sdns://AQMAAAAAAAAADTIzLjIzNy41OC4xMjEAEHBoZG5zMy5sb25ldC5vcmc
DNScrypt	82.223.114.172	2001:ba0:1800:8153::1	8443	Spain	open	sdns://AQMAAAAAAAAADjgyLjIyMy4xMTQuMTcyABBwaGRuczQubG9uZXQub3Jn
DNScrypt	77.68.116.22	2a00:da00:1800:5a::1	8443	Great Britain	open	sdns://AQMAAAAAAAAADDc3LjY4LjExNi4yMgAQcGhkbnM1LmxvbmV0Lm9yZw

The recommended services with lowest latency at your location are highlighted in bold.

Registration

You have to configure a custom dynamic DNS service (i.e. in your router or firewall) for accessing restricted services. In order to register for this free service send an inquiry containing your desired username for dynamic DNS or your static IP address (range). The dynamic host is derrived from your username and will be like username.lonet.uk.to. Currently only users with an IPv4 address can apply.

Tutorials

AVM FritzBox 7360 - DNS server: https://en.avm.de/service/fritzbox/fritzbox-7360/knowledge-base/publication/show/165_Configuring-different-DNS-servers-in-the-FRITZ-Box/
AVM FritzBox 7340 - Dynamic DNS: https://en.avm.de/service/fritzbox/fritzbox-7340/knowledge-base/publication/show/30_Setting-up-dynamic-DNS-in-the-FRITZ-Box/
AVM FritzBox 7590 - DNS over TLS - https://en.avm.de/service/fritzbox/fritzbox-7590/knowledge-base/publication/show/165_Configuring-different-DNS-servers-in-the-FRITZ-Box/
Netgate pfSense - DNS server: https://docs.netgate.com/pfsense/en/latest/config/general.html#dns-server-settings
Netgate pfSense - Dynamic DNS: https://docs.netgate.com/pfsense/en/latest/services/dyndns/client.html
Android 9 (or higher) - DNS server: https://developers.google.com/speed/public-dns/docs/using#android ‐ Instead of dns.google use one of the DNS-over-TLS service hostnames from the list above.
Android (alternative) - DNS server: Download Intra from Google Play store and configure the app to use one of the DNS-over-HTTPS addresses from the list above.
Apple iPhone - DNS server: https://apps.apple.com/app/dnscloak-secure-dns-client/id1452162351

Service status

All five servers have served 0 DNS queries from clients in the past 24 hours. About 0.0% of these queries have been filtered for advertising, tracking or malware. The current privacy level at lease one server is set to degraded privacy. Currently at least one server is logging client requests and/or client IP addresses. This is temporarily for investigating problems with the servers or to mitigate attacks. All logs will be deleted immediately after investigations have been completed.

Curently 25 of 25 services are operational.

You can check the status and uptime of all services provided at the status page.

Filter lists

The blocklist database containing 0 blocked domains has been updated days, hours and minutes ago.

Currently these list are in use and get updated once a week:

https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
http://sysctl.org/cameleon/hosts
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://justdomains.github.io/blocklists/lists/easylist-justdomains.txt
https://justdomains.github.io/blocklists/lists/easyprivacy-justdomains.txt
https://justdomains.github.io/blocklists/lists/adguarddns-justdomains.txt
https://justdomains.github.io/blocklists/lists/nocoin-justdomains.txt
https://adaway.org/hosts.txt
https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt

Requests for whitelisting or delisting a domain will be ignored. If you want your domain delisted: Figure out which blocklist contains your domain and refer to the policies of this list for delisting.

Donations

If you like you can donate a small amount via PayPal to keep this service up and running.