==================
== beto's notes ==
==================

DNS Configuration

Testing of this configurations can be made at DNSLeakTest

Install DNSCloak
Add Nixnet DNS to configuration. Nixnet DNS reference

1[static.'NIXNET.NY-199.195.251.84']
2stamp = 'sdns://AgMAAAAAAAAADjE5OS4xOTUuMjUxLjg0AB11bmNlbnNvcmVkLm55MS5kbnMubml4bmV0Lnh5egovZG5zLXF1ZXJ5'

NY Stamp

Enable a fallback DNS (libredns) and the dummy VPN connection.

Arch Linux

Install dnscrypt-proxy
Edit /etc/dnscrypt-proxy/dnscrypt-proxy.toml

Enable the server_names with the allowed servers from the manually added and those from this, enable DNSSEC and add stamp for static servers.
```
1server_names = ['NIXNET.NY-196.195.251.84','libredns']
2require_dnssec = true
```
Modify /etc/resolv.conf to have the following content and lock it from being modified with # chattr -i /etc/resolv.conf
```
1nameserver ::1
2nameserver 127.0.0.1
3options edns0 single-request-reopen
```
Disable any other DNS clients (i.e. systemd-resolved)
Enable DNS systemd service sudo systemctl enable dnscrypt-proxy