Set-DynamicIPDoHServer: A PowerShell repository from HotCakeX

💎 Use a DNS over HTTPS server that doesn't have a stable IP address, on Windows 11 💎

Quick and automatic way to use a dynamic IP DNS-over-HTTPS server on Windows
PowerShell Gallery

Discussion · Report Issue

Table of Contents

About The Module
Features
Getting Started
- Prerequisites
- Installation
Usage

About The Module

This module will automatically identify the correct and active network adapter/interface and set the Secure DNS settings for it based on parameters supplied by user. That means it will detect the correct network adapter/interface even if you are using:

Windows built-in VPN connections (PPTP, L2TP, SSTP etc.)
OpenVPN
TUN/TAP virtual adapters (a lot of programs use them, including WireGuard)
Hyper-V virtual switches (Internal, Private, External, all at the same time)
Cloudflare WARP client

You can create a self-hosted DoH server for free on Cloudflare or other providers, with custom domain name and dynamic IP addresses, which are hard or costly for ISPs, governments etc. to block

please refer to the GitHub repository of serverless-dns for more info

Features

Strong End-to-End encrypted workflow
Created, targeted and tested on the latest version of Windows 11, on physical hardware and Virtual Machines
Once you run this module for the first time and supply it with your DoH template and DoH domain, it will create a scheduled task that will run the module automatically based on 2 distinct criteria:
- as soon as Windows detects the current DNS servers are unreachable
- every 6 hours in order to check for new IP changes for the dynamic DoH server
- You can fine-tune the interval in Task Scheduler GUI if you like. I haven't had any downtimes in my tests because the module runs milliseconds after Windows detects DNS servers are unreachable, and even then, Windows still maintains the current active connections using the DNS cache. if your experience is different, please let me know on GitHub.
the module and the scheduled task will use both IPv4s and IPv6s of the dynamic DoH server. the task will run whether or not any user is logged on.
in order to make sure the module will always be able to acquire the IP addresses of the dynamic DoH server, even when the currently set IPv4s and IPv6s are outdated, the module performs DNS queries in this order:
- First tries using Cloudflare's main encrypted API to get IP addresses of our DoH domain
- if 1st one fails, tries using Cloudflare's secondary encrypted API to get IP addresses of our DoH domain
- if 2nd one fails, tries using Google's main encrypted API to get IP addresses of our DoH domain
- if 3rd one fails, tries using Google's secondary encrypted API to get IP addresses of our DoH domain

All of the connections to Cloudflare and Google servers use direct IP, are set to use TLS 1.3 with TLS_CHACHA20_POLY1305_SHA256 cipher suite and use HTTP/2

💡(back to top)

Getting Started

if you already have the module installed, make sure it's up-to-date

Update-Module -Name Set-DynamicIPDoHServer -force

Prerequisites

Make sure you have the latest stable PowerShell installed from Github before running this module. if it's your first time installing that PowerShell, restart your computer after installation so task scheduler will recognize pwsh.exe required for running this module.

Note store installed version currently not supported, but soon will be

Installation

Install-Module -Name Set-DynamicIPDoHServer

Usage

# using module's alias
set-ddoh -DoHTemplate "https://example.com/" -DoHDomain "example.com"
# using module's name
set-dynamicIPDoHServer -DoHTemplate "https://example.com/" -DoHDomain "example.com"