DNSCrypt digunakan untuk mengenkripsi query DNS dari client ke server (resolver). Banyak ISP-ISP yang mulai memfilter traffic lewat DNS, di Indonesia sendiri sangat banyak situs yang diblokir karena alasan tertentu, baik politik dan lain sebagainya. Sayangnya ;) dengan hanya mengganti DNS ISP ke DNS Google atau OpenDNS sudah tidak bisa melewati sensor tersebut, mau tidak mau kita harus menggunakan DNSCrypt. Berikut ini akan dijelaskan cara instalasinya tahap demi tahap.

Install dependency DNSCrypt

sebelum bisa mengkompile DNSCrypt kita harus menginstall beberapa library yang dibutuhkan, karena dnscrypr belum ada di repository Fedora jadi ngga bisa tinggal install (dnf install dnscrypt)

dnf install gcc make automake gcc-c++ glibc-devel libtool automake libtool-ltdl-devel -y

Install libsodium

dnf install libsodium-devel libsodium

Install DNSCrypt

wget https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.6.0.tar.gz

ekstrak dan install

tar zxvf dnscrypt-proxy-1.6.0.tar.gz
cd dnscrypt-proxy-1.6.0
./autogen.sh
./configure
make
su -c "make install"

Cara menggunakan DNSCrypt

Terlebih dahulu download list server (resolver) DNSCrypt

wget https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv -O /usr/local/share/dnscrypt-proxy/dnscrypt-resolvers.csv

lalu jalankan dnscrypt dengan format

su -c "dnscrypt-proxy -R cisco"

hapus isi file /etc/resolv.conf ganti dengan

nameserver 127.0.0.1

sebelum menggunakan dnscrypt

router@jaranguda $ ping -c6 reddit.com
PING internet-positif.org (118.98.97.151) 56(84) bytes of data.
64 bytes from 118.98.97.151: icmp_seq=1 ttl=55 time=23.4 ms
64 bytes from 118.98.97.151: icmp_seq=3 ttl=55 time=158 ms
64 bytes from 118.98.97.151: icmp_seq=4 ttl=55 time=24.5 ms
64 bytes from 118.98.97.151: icmp_seq=5 ttl=55 time=25.9 ms
64 bytes from 118.98.97.151: icmp_seq=6 ttl=55 time=28.8 ms
 
--- internet-positif.org ping statistics ---
6 packets transmitted, 5 received, 16% packet loss, time 5005ms

setelah menggunakan dnscrypt

router@jaranguda $ ping -c6 reddit.com
PING reddit.com (198.41.208.140) 56(84) bytes of data.
64 bytes from 198.41.208.140: icmp_seq=1 ttl=55 time=56.7 ms
64 bytes from 198.41.208.140: icmp_seq=2 ttl=55 time=48.2 ms
64 bytes from 198.41.208.140: icmp_seq=3 ttl=55 time=45.7 ms
64 bytes from 198.41.208.140: icmp_seq=4 ttl=55 time=68.1 ms
64 bytes from 198.41.208.140: icmp_seq=5 ttl=55 time=43.6 ms
64 bytes from 198.41.208.140: icmp_seq=6 ttl=55 time=51.3 ms
 
--- reddit.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5006ms
rtt min/avg/max/mdev = 43.685/52.319/68.193/8.238 ms

Tulisan menarik lainnya

Leave a comment

Your email address will not be published. Required fields are marked *