You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Overview

This package install the command line interface for Stubby. A future release will include a Graphical Interface to manage Stubby.

We consider Windows support for the Stubby CLI to be Beta at this time. It has been tested on Windows 10 and Windows 8. User testing reports, bug reports and patches/pull requests are all welcomed via github!


Installation

Download and run the installer:    Stubby.msi

SHA256 Checksum: 9622299c86738859fdfe5fefbe08950612229a74b9b66069ee79658edf18e115


This installs the following files in C:\Program Files\Stubby\

  • README.txt - containing these instructions
  • stubby.exe    - binary
  • stubby.yml    - configuration file
  • getdns_query.exe - tool for testing stubby
  • Powershell scripts for modifying system resolvers:
    • stubby_setdns_windows.ps1
    • stubby_resetdns_windows.ps1

This version of the installer is built from:

  • getdns commit: 12272dda368e81b519c7b192d8ee98dcd39d9720 (1.2.0 release with fixes from the develop branch)
  • stubby version: 0.1.4

Configuration

It is recommended to use the default configuration file provided which will use 'Strict' privacy mode and spread the DNS queries among several of the current DNS Privacy test servers. Note that this file contains both IPv4 and IPv6 addresses. It installed in "C:\Program Files\Stubby\stubby.yml"

More information on how to customise the configuration can be found here.

Run Stubby

Simply invoke Stubby on the command line from a command prompt window (To get a command prompt go to the Windows search box and type 'cmd' and then choose the 'Command prompt' option)

> "C:\Program Files\Stubby\stubby.exe" -C "C:\Program Files\Stubby\stubby.yml" -l

The -l flag enables full logging. Alternatively a specific logging level can be controlled by using the -v flag (run '"C:\Program Files\Stubby\stubby.exe" - h'  for details of available levels).

We are working on support for running Stubby as a service on Windows 10


Test Stubby

A quick test can be done by opening a separate Command prompt window and using getdns_query (or your favourite DNS tool) on the loopback address:

> "C:\Program Files\Stubby\getdns_query" -s @127.0.0.1 www.example.com

You should see a status of GETDNS_RESPSTATUS_GOOD and and rcode of GETDNS_RCODE_NOERROR in the getdns_query output. You should also see a connection being made in the stubby logs.


Modify your upstream resolvers

Once this change is made all your DNS queries will be re-directed to Stubby and sent over TLS! 
(You may need to restart some applications to have them pick up the network settings).

For Stubby to re-send outgoing DNS queries over TLS the recursive resolvers configured on your machine must be changed to send all the local queries to the loopback interface on which Stubby is listening. It might be useful to note your existing default nameservers before making this change!

To change nameservers

  • From Windows search box type 'cmd' and on the 'Command prompt' option that appears right click and select 'run as Administrator'
  • In the command prompt window that appears type

    PowerShell -ExecutionPolicy bypass -file  "C:\Program Files\Stubby\stubby_setdns_windows.ps1"

    to switch the system DNS resolvers to use Stubby. 

  • Use the same command but with "C:\Program Files\Stubby\stubby_resetdns_windows.ps1" instead to switch back to the default DNS nameservers.

You can monitor the DNS traffic using Wireshark watching on port 853.

If you encounter problems reverse this change to restore your default settings (no DNS Privacy). 

Known Issues

  • We are aware of occasional issues when Windows sleeps and resumes when stubby must be restarted to work correctly. 
  • The '-h' output of stubby.exe shows the wrong path for the installed configuration file. An issue has been opened for this.

Manual update of system revolvers on Windows

If you need to manually inspect or change your system revolvers on Windows through the GUI then do the following:

  1. Open the Control Panel
  2. Choose 'Network and Internet'
  3. Choose 'View network status and tasks' under 'Network and Sharing Center' 
  4. Choose 'Change adapter settings' from the left hand menu
  5. Then choose your interface - most likely either 'Wi-fi' or 'Ethernet'
  6. In the dialog that appears, click on the 'Properties' button at the bottom
  7. In the list that appears double click on 'Internet Protocol Version 6 (TCP/IPv6)'
    1. You can toggle your DNS between using the default DNS servers provided by the network you are on and setting specific servers using the botton radio buttons on this page
    2. Be sure to press OK and then Close to apply the settings. 
  8. Repeat step 7 for  'Internet Protocol Version 6 (TCP/IPv6)' if you have IPv6 enabled


  • No labels