Add OpenNIC DNS Servers


I’d love to see OpenNIC servers added to the default list, it’s been around since 2000 and it’s relatively popular among privacy-minded techies :wink:

There’s a lot of DNS servers available since it’s a community project, but I think it’d make the most sense to add the main Anycast servers:

  • 2a05:dfc7:5::53
  • 2a05:dfc7:5353::53

Edit: see my post below.

More info at



I did see that post, and I think we reasonably meet all the requirements.

The two servers I mentioned do technically log, in the sense that they cache queries and responses in a redis database for performance across all nodes, but that seems like a reasonable limitation and all logs are anonymized (no user data retained).

We also have DNSSEC, but not using the default trust anchors (like I mentioned in my other post).

I really don’t think these are major issues (especially if you’d be willing to work with us on DNSSEC), since it’s essentially impossible to find a DNS server that doesn’t log in some form (caching). If they are, let me know, and I’ll see if we can work something out.

I personally think it’d be beneficial for you to start endorsing open-source services with aligned values vs servers from the likes of Google, OpenDNS, etc.


It’s come to my attention that the two servers operated by Fusl I mentioned above don’t seem to always validate DNSSEC queries properly.

You’re welcome to use the unlisted Tier 2 servers (OpenNIC DNS resolvers) I use for backend work across a lot of my OpenNIC related services (including Tier 1 operation) if you wish to add OpenNIC to your default options:

  • / 2604:a880:cad:d0::9a7:1
  • / 2604:a880:800:a1::1180:a001

These servers don’t log in any way and fully support DNSSEC with the following trust-anchor configuration:

root@nyc1:~# cat /etc/dnsmasq.d/02-trustanchor.conf

FWIW, I’m not just some random server operator, I run two of the ten root DNS servers for OpenNIC, a few DNS resolvers (including a primary anycast server and a newly created public Pi-hole instance), and some main organizational infrastructure including our homepage. Feel free to reply/PM me here if you have any questions/concerns.