How to Bypass DNS Hijacking

Important

Due to the complexity of this work around we don’t provide support for the setup. The guide is delivered as is and a certain level of technical expertise is expected.

We suggest using Unlocator VPN if you are subject to DNS hijacking as the VPN will bypass any hijacking.

Some ISPs are known to hijack DNS requests. As a result you will not get the 3 green check marks in your account home regardless of your settings being correct. Sometimes you will even get the 3 green check marks and only certain urls are hijacked by the ISP.

The solution is to direct all DNS request from port 53 to port 54 so the DNS request will escape the filtering. In order to do so you need a router, which support IP tables.

DD-WRT

Add the following commands to the IP firewall:

iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 185.37.37.37:54
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 185.37.39.39:54

Or us this command instead to force Google DNS to go to our servers. This is not to prevent DNS hijacking by your ISP but to send Google DNS traffic to us.

iptables -t nat -I PREROUTING --destination 8.8.8.8 -j DNAT --to 185.37.37.37
iptables -t nat -I PREROUTING --destination 8.8.4.4 -j DNAT --to 185.37.39.39

Don’t forget to restart the router afterwards. 

Still need help? Contact Us Contact Us