How to Bypass DNS Hijacking

Important

Due to the complexity of this workaround, we don’t provide support for the setup. The guide is delivered as-is and a certain level of technical expertise is expected.

We suggest using Unlocator VPN if you are subject to DNS hijacking as the VPN will bypass any hijacking.

Some ISPs are known to hijack DNS requests. As a result, you will not get the 3 green check marks in your account home even when your settings are correct. In some cases you will get the 3 green check marks and the ISP hijacks only certain URLs.

The solution is to redirect all DNS requests from port 53 to port 54 so that they escape the filtering. To do so, you need a router that supports iptables.

DD-WRT

Add the following commands to the IP firewall:

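# Redirect DNS queries arriving on the LAN bridge (br0) over UDP port 53 to port 54 on our server. DNS over TCP is not matched.
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 185.37.37.37:54
# Same match as the rule above. iptables applies the first matching DNAT rule, so this one is only reached if the first rule is removed.
iptables -t nat -A PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 185.37.39.39:54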

Or use these commands instead to force traffic addressed to Google DNS to go to our servers. This does not prevent DNS hijacking by your ISP; it only sends Google DNS traffic to us.

iptables -t nat -I PREROUTING --destination 8.8.8.8 -j DNAT --to 185.37.37.37
iptables -t nat -I PREROUTING --destination 8.8.4.4 -j DNAT --to 185.37.39.39

Don’t forget to restart the router afterward. 
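
To check whether port 53 is being intercepted, the following added example (not part of the original guide and not Unlocator's code) sends the same A query to one server on ports 53 and 54 and compares the answers. It assumes the server at 185.37.37.37 answers on both ports; all function names are illustrative, and a mismatch is a heuristic signal because rotating records can also differ.

```python
import os
import socket
import struct

def build_query(name, qid):
    """Encode a minimal A-record query (RFC 1035) with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # A, IN

def _skip_name(msg, off):
    """Return the offset just past a name, honouring compression pointers."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # a pointer is two bytes and ends the name
            return off + 2
        off += 1 + n

def parse_a_records(msg, qid):
    """Return sorted IPv4 answers; reject packets that do not match our query."""
    rid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return sorted(addrs)

def query(server, port, name, timeout=3.0):
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (server, port))
        return parse_a_records(s.recvfrom(4096)[0], qid)

def port53_intercepted(name, server="185.37.37.37", ask=query):
    """Heuristic: assumes the server answers alike on ports 53 and 54."""
    return ask(server, 53, name) != ask(server, 54, name)
```

Run it from a LAN client before applying the rules to look for interception, and again afterward. Once the router redirects port 53 to port 54, both queries reach the same listener and the answers should match.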
