DNS Switch
| Property |
Value |
| Binary Name |
dns-switch |
| Version |
9.0.1 |
| File Size |
13.0MB |
| Author |
Warith Al Maawali |
| License |
Proprietary |
| Category |
Network & Routing |
| Description |
Production-ready DNS management with security and portability. A self-contained, portable DNS manage... |
| JSON Data |
View Raw JSON |
SHA256 Checksum
274e2f0ac4e5a38ac8ed12b451edcca005ee251696d41c966554902a25b48dd5
🛡️ Key Features
DNS Server Management
| Feature |
Description |
| Extensive Database |
Hundreds of vetted DNS servers categorized by security level |
| Smart Selection |
Automatic scoring based on latency, reliability, and privacy |
| DNSCrypt Support |
Full encryption for DNS queries to prevent eavesdropping |
| Pi-hole Integration |
Seamless ad-blocking DNS filtering support |
Why DNS Switch is Critical
| Benefit |
Description |
| DNS Leak Protection |
Helps prevent DNS queries from bypassing your VPN/Tor |
| Privacy Protection |
Uses only non-logging DNS providers |
| Censorship Bypass |
Access blocked content with alternative DNS |
| Attack Detection |
Identifies DNS poisoning and hijacking attempts |
| Automatic Failover |
Switches to backup servers if primary fails |
🛡️ ⚡ TL;DR - Essential Commands
Important: Use sudo for DNS operations as they modify system network settings.
# Switch to a random secure DNS server (reputable set)
sudo dns-switch random --type reputable
sudo dns-switch random --type reputable --count 5
# Switch to specific DNS category or provider
sudo dns-switch switch --names cloudflare
sudo dns-switch switch --servers 1.1.1.1 9.9.9.9
# Check current DNS configuration and status
dns-switch status --json # JSON output for automation
dns-switch status --verbose # Detailed status information
# Test DNS server health
dns-switch health --type reputable
# Enable DNSCrypt for encrypted DNS
sudo dns-switch switch --names dnscrypt
# Fetch and update DNS database from remote sources
sudo dns-switch fetch
🛡️ Understanding DNS Management
DNS Categories
DNS Switch organizes servers into multiple security levels:
# Switch to most secure, privacy-focused servers
sudo dns-switch switch --category reputable
# Use standard secure servers
sudo dns-switch switch --category normal
# Use encrypted DNS servers
sudo dns-switch switch --category encrypted
# Emergency fallback servers
sudo dns-switch fallback
Server Categories:
| Category |
Description |
| Reputable |
No-logs policy, DNSSEC support, proven privacy track record (Cloudflare, Quad9, AdGuard) |
| Normal |
Good security, reasonable performance, some logging |
| Encrypted |
DNSCrypt and DoH servers for encrypted queries |
| Fallback |
Emergency servers when others fail |
| All |
Mixed selection from all categories |
Advanced DNS Switching
# Switch by provider names
sudo dns-switch switch --names cloudflare
sudo dns-switch switch --names opendns
# Switch by IP addresses
sudo dns-switch switch --servers 1.1.1.1 9.9.9.9
# Verify servers work before applying
sudo dns-switch switch --names cloudflare --verify
# Random selection with options
sudo dns-switch random --type reputable --count 5
sudo dns-switch random --type reputable --verify
DNSCrypt for Encrypted DNS
DNSCrypt encrypts your DNS queries, preventing ISPs and attackers from seeing what websites you're visiting:
# Switch DNS to use DNSCrypt proxy
sudo dns-switch switch --names dnscrypt
# Enable DNSCrypt with specific resolver
sudo dns-switch dnscrypt-set --resolver cloudflare
# Check DNSCrypt status
dns-switch dnscrypt
# Restart DNSCrypt service
sudo dns-switch dnscrypt-restart
# Remove DNSCrypt (switches to reputable DNS automatically)
sudo dns-switch dnscrypt-remove
Pi-hole Integration
For network-wide ad blocking:
# Enable Pi-hole DNS filtering
sudo dns-switch pihole-enable
# Disable Pi-hole temporarily
sudo dns-switch pihole-disable
# Check Pi-hole status
dns-switch pihole
# Set Pi-hole admin password
sudo dns-switch pihole-password --password NewSecurePassword123
# Reset Pi-hole configuration
sudo dns-switch pihole-reset
Health Checking & Testing
# Check health of DNS servers by category
dns-switch health --type reputable
# Force fresh health check (bypass cache)
dns-switch health --type reputable --fresh
# Test for DNS poisoning
dns-switch test-poisoning
# Test for DNS hijacking
dns-switch test-hijacking
# Comprehensive DNS testing
dns-switch test-dns
# Test for DNS leaks
dns-leak test --json
dns-switch health --json
dns-switch status --json
Database Management
# Fetch latest DNS servers from remote sources
sudo dns-switch fetch
sudo dns-switch fetch --count 50
# List all available DNS servers
dns-switch list --category reputable
# Count servers by category
dns-switch count
# Clean duplicate entries
sudo dns-switch clean-duplicates
Backup & Recovery
# Create DNS configuration backup
sudo dns-switch backup
# Restore from backup
sudo dns-switch restore-backup
# Restore default DNS settings
sudo dns-switch restore-default
JSON Output and Return Codes
# All dns-switch commands support JSON output
sudo dns-switch status --json # JSON status output
sudo dns-switch health --json --type reputable # JSON health results
sudo dns-switch list --json # JSON server list
# Pretty-printed JSON for readability
sudo dns-switch status --json-pretty
# Parse JSON output with jq
sudo dns-switch status --json | jq '.current_dns'
sudo dns-switch health --json | jq '.health_score'
# Return codes (useful for scripts)
# 0 = Success
# 1 = General error
# 2 = Invalid arguments
# 3 = DNS operation failed
# 4 = Permission denied
🛡️ Advanced Commands
For advanced users who need access to all available commands and options, please refer to the auto-generated command reference which includes:
| Feature |
Description |
| Custom DNS configuration |
Advanced DNS server configuration options |
| Scoring parameters |
Algorithm parameters for DNS server scoring |
| Batch operations |
Batch testing and management operations |
| Database maintenance |
Commands for DNS database management |
| DNSCrypt options |
Advanced DNSCrypt configuration |
| JSON formatting |
JSON output formatting options |
| CLI reference |
All command-line flags and parameters |
🛡️ Security Notes
Important Security Practices:
| Practice |
Description |
| Tor DNS Resolution |
Use tor-switch for routing DNS through Tor network |
| Database Updates |
Regularly update DNS database with fetch command |
| Leak Testing |
Test for DNS leaks after VPN/Tor connection |
| Encryption |
Use DNSCrypt when on untrusted networks |
| Verification |
Verify DNS changes with status command |
| Security Testing |
Check for poisoning/hijacking on suspicious networks |
| Backup Strategy |
Backup configuration before major changes |
| Metric |
Value |
| Switch Time |
< 1 second |
| Memory Usage |
~25MB active, < 5MB idle |
| CPU Usage |
< 5% during operations |
| Database Size |
~5MB for full server list |
| Health Check |
2-5 seconds per server |
🛡️ Support