YogaDNS Documentation

Introduction

The Domain Name System (DNS) is a fundamental component of Internet communications. It translates human-readable names, such as www.example.net, to IPv4 or IPv6 addresses that can be reached over a network.

The standard DNS protocol is very old and cannot satisfy the requirements of modern networking, including security, flexibility and reliability. To address these problems, a number of improvements and new protocols have been suggested, but unfortunately, they are not well supported, even by the latest operating systems and apps.

YogaDNS helps to resolve all these problems and move DNS to the next level. It can resolve hostnames over DNSCrypt, DNS over HTTPS (DoH) and plain (standard) DNS protocols as well as perform DNSSEC validation (local and remote). DNSCrypt can be anonymized through relays. Additionally, YogaDNS features built-in support for NextDNS.

The key feature of YogaDNS is the system-level integration. In other words, there is no need to change any existing DNS settings in multiple places. YogaDNS captures DNS requests at the system level and processes them according to your configuration and rules.

Even if you do not plan to use modern DNS protocols yet, you can get a lot of benefits and powerful features. YogaDNS allows you to define and use multiple DNS servers and pools simultaneously and set the rules based on hostname mask. You can process or block the resolves, choose the network interface, and so on. Optionally, you can set the rules to be triggered only if there is a specific network or VPN connection available.

Finally, with YogaDNS you can easily import publicly available DNS servers from the web, test them and find the best ones.

Installation and Uninstallation

Installation is easy and straightforward. YogaDNS is available as a download package at www.yogadns.com. It can be installed on Microsoft Windows 7, 8, 8.1 or 10 or Windows Server 2012, 2016 or 2019. Both 32- and 64-bit editions are supported.

Simply run the YogaDNSSetup.exe setup program and follow the steps of the installation wizard. No reboot is required.

Similarly, you can uninstall YogaDNS at any time. Simply go to Start->YogaDNS->Uninstall YogaDNS or use the Windows Control Panel. Either of these actions will completely remove YogaDNS from your system.

Quick Start

When you start YogaDNS for the first time with an empty configuration, it will display the First Start Wizard window where you can choose from a number of predefined scenarios. You can run this wizard any time with Configuration->First Start Wizard.

Figure: First Start Wizard

Normally, when you start YogaDNS, it runs in the background and adds its icon to the system tray. (If you do not see the YogaDNS icon, click on the arrow-like icon on the left side of the system tray.)

Figure: YogaDNS in the Windows 10 system tray

To open the Main Window, left-click the icon. By right-clicking, you can quickly access DNS Servers or Rules or Exit the program.

If there are no DNS servers or rules in YogaDNS, all DNS queries are bypassed. Still, you should see them in the log window as below:

[10.31 15:53:16] google.com - bypass : rule=Default
[10.31 15:56:14] www.google.com - bypass : rule=Default
[10.31 15:56:14] ssl.gstatic.com - bypass : rule=Default

At this point, you can manage DNS resolves with Rules. It is possible to block certain domains or force resolves through the selected network interfaces (default DNS servers will be used).

To add a specific DNS Server, open Configuration->DNS Servers via the menu or the toolbar icon and then click Add... You can enter the server details manually or import them from DNS Stamps (sdns://). Below is an example using the Google Public DNS.

Figure: Google Public DNS

After adding a DNS Server, you need to assign it to a Rule. To do this, open Configuration->Rules via the menu or the toolbar icon. You can use the persistent Default rule by double-clicking or clicking Edit..., or you can create a new one by clicking Add... The Default rule will be executed if no other rules match the resolve request. You can select Action and DNS Server. An example of the Default rule is shown below.

Figure: Default rule example

It is possible to create multiple Rules to resolve certain hostnames through selected DNS servers. When a resolve gets processed by YogaDNS through a DNS server, you should see the log messages as below (set Screen Log to Verbose or Debug for more output):

[10.31 17:08:51] iana.org - request : type=A, server=10.0.0.1:53, program=nslookup.exe
[10.31 17:08:51] iana.org - process : server=Google Public DNS (Plain, 8.8.8.8), rule=Default
[10.31 17:08:51] iana.org - reply : type=A, ips=192.0.43.8
[10.31 17:08:51] iana.org - request : type=AAAA, server=10.0.0.1:53, program=nslookup.exe
[10.31 17:08:51] iana.org - process : server=Google Public DNS (Plain, 8.8.8.8), rule=Default
[10.31 17:08:51] iana.org - reply : type=AAAA, ips=2001:500:88:200::8

You can now close the main window of YogaDNS, as it will keep running while minimized in the system tray. To make YogaDNS start automatically on Windows startup (user logon), enable File->Autostart.

Main Window

To open the main window, click the YogaDNS icon on the system tray or taskbar. The window has a menu, a toolbar and the log output, as seen below.

Figure: YogaDNS main window

The elements of the toolbar correspond to the menu commands. You can manage the DNS Servers and Rules, clear the screen log by clicking Clear Display and set the verbosity level for the Screen Log and File Log.

When you close the main window, YogaDNS keeps running while minimized in the system tray. You can change this behavior with Window->Icon in the System Tray. When this option is disabled, YogaDNS will quit when you close the main window.

DNS Servers

To manage the list of DNS servers used by YogaDNS, open Configuration->DNS Servers via the menu or the toolbar icon. By default, the list is empty and the window appears as below:

Figure: DNS Servers window

You can use the Add..., Edit... and Remove buttons to add, edit or remove a DNS server. To import public DNS servers from the web, use the Get from the web... button. With the Check button, you can check the selected server or servers. Click on the column header to sort the list accordingly.

The Server Pools button opens a subwindow where you can create pools of DNS Servers by dragging them from the list.

When you add or edit a DNS Server, the following window is displayed.

Figure: Plain DNS example

The available parameters depend on the selected protocol. The above example is of the Google Public DNS (Plain protocol).
The User friendly name is an arbitrary name set by the user and used to refer to this server in other parts of the program, including Rules and Logs.
The IP address and optional port field is used to set the address of the DNS server. This parameter is mandatory for the Plain and DNSCrypt protocols. To set a non-standard port number, use the notation IP:port (e.g. 8.8.8.8:53).
Select DNSSEC Supported if the server supports DNSSEC and you wish to use it. This allows you to enable DNSSEC parameters in the Rules that use this server.
The Check button allows you to quickly test the server and get an approximate RTT. The result is displayed next to the Check button.

For the DNSCrypt protocol, you can specify the Public key and Provider name (both parameters are mandatory) as seen below. The Disable query padding option should be set if the server does not properly support this feature.

Figure: DNSCrypt example

For the DNS over HTTPS protocol, you can specify the URL (mandatory) and Hashes (optional):

Figure: DNS over HTTPS example

By clicking the sdns:// button, you can easily import or export DNS server details from DNS Stamps such as those found here: https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md

Figure: DNS Stamp example
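
Added example, not part of the YogaDNS documentation: a decoder for sdns:// stamps, so the address, DNSSEC flag, public key, provider name, URL and hashes a stamp carries can be reviewed before it is imported. The field layout follows the public DNS Stamps specification rather than anything stated on this page, and the sample stamp is constructed.

```python
import base64

PROTOCOLS = {0x00: "Plain", 0x01: "DNSCrypt", 0x02: "DNS over HTTPS", 0x81: "Relay"}
SAMPLE_PLAIN = "sdns://AAEAAAAAAAAABzguOC44Ljg"  # constructed: Plain, DNSSEC, 8.8.8.8

def _lp(buf, pos, mask=0xFF):
    """Read one length-prefixed field; return (value, next position)."""
    end = pos + 1 + (buf[pos] & mask)
    if end > len(buf):
        raise ValueError("truncated stamp")
    return buf[pos + 1:end], end

def _vlp(buf, pos):
    """Read a set of fields; a set high bit on a length byte means more follow."""
    items, more = [], True
    while more:
        more = buf[pos] & 0x80
        item, pos = _lp(buf, pos, 0x7F)
        if item:
            items.append(item)
    return items, pos

def decode_stamp(stamp):
    """Decode an sdns:// stamp into the fields shown in the DNS Server window."""
    if not stamp.startswith("sdns://"):
        raise ValueError("not a DNS stamp")
    body = stamp[len("sdns://"):]
    raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    if not raw or raw[0] not in PROTOCOLS:
        raise ValueError("unsupported stamp")
    info, pos = {"protocol": PROTOCOLS[raw[0]]}, 1
    try:
        if raw[0] != 0x81:                       # relay stamps carry no properties
            info["dnssec"], pos = bool(int.from_bytes(raw[1:9], "little") & 1), 9
        addr, pos = _lp(raw, pos)
        info["address"] = addr.decode()
        if raw[0] == 0x01:                       # DNSCrypt: public key + provider name
            key, pos = _lp(raw, pos)
            name, pos = _lp(raw, pos)
            info.update(public_key=key.hex(), provider_name=name.decode())
        elif raw[0] == 0x02:                     # DoH: hashes, hostname, path
            hashes, pos = _vlp(raw, pos)
            host, pos = _lp(raw, pos)
            path, pos = _lp(raw, pos)
            info.update(url=f"https://{host.decode()}{path.decode()}",
                        hashes=[h.hex() for h in hashes])
    except IndexError:
        raise ValueError("truncated stamp") from None
    return info
```

Comparing the decoded public key or hashes against the values published by the resolver operator catches a stamp that was altered on its way to you.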

Additionally, YogaDNS features built-in support for NextDNS.

Rules

Rules are an essential part of YogaDNS. Basically, they allow you to specify a DNS Server that will be used for each resolve request based on the requested hostname. You can also block or bypass the request or force it through a selected network interface. To find the list of the rules, go to Configuration->Rules via the menu or the toolbar icon. If the configuration is empty, the Rules window will appear as below. There is only one predefined rule, Default.

Figure: Default DNS rules

You can use the Add..., Clone, Edit... and Remove buttons to add, clone, edit or remove a rule. YogaDNS examines rules one by one from the top to the bottom. If no rules match, the Default rule is used.

Figure: DNS rules example

Use the Up and Down buttons to change the position of a rule in the list. To exclude the rule from the processing, remove the check mark located next to the rule name.
If you set a specific network interface for a rule, you can tell YogaDNS to Ignore the rule when its network interface is down by checking the box. This will not affect the rules that are not bound to the interfaces.

You can edit the Rule Name, set the Action and set the DNS Server right in the list. To edit Hostnames and change other parameters, double-click the rule or click Add... or Edit.... This will bring you to the Rule window.

Figure: Rule window

Here you can set an arbitrary Name for the rule and uncheck the Enabled checkbox to disable (exclude from processing) the rule.

Set the list of the Hostnames that will trigger this rule. Use a semi-colon (;) or a new line as a separator. Wildcards, such as *.example.com, are supported.
Click the From File... button to select a file with hostnames. It can be in the standard /etc/hosts file format. IP addresses will be ignored. YogaDNS will copy the file into its configuration folder (C:\Users\<user_name>\AppData\Roaming\YogaDNS\) and will load the file from there on each start. The original file will not be used.

Use the Action dropdown list to Process, Bypass or Block the resolve request. It is possible to Process the resolve through a specific network interface (the connection to the DNS server will be made through this interface). This can be especially useful in VPN scenarios, when certain names should be resolved over a DNS server that is located in the VPN network. If no interface is selected, YogaDNS will use the system default interface. You can also control how the rule is handled if the interface is down by selecting the corresponding option in the rule list window.

Figure: An example of a rule with the Action list opened

If Action is set to Block, the request will be silently discarded. This will cause a resolve timeout for the client application. Bypass makes YogaDNS ignore the resolve request so that it will go unchanged to the original DNS Server.

In the DNS Server dropdown list, you can assign the DNS Server or Pool to the rule. If you select Default, YogaDNS will use the default DNS server of the network interface specified in Action.

Depending on the actual values of Action and DNS Server, YogaDNS outputs textual hints under these elements.
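
Added example, not YogaDNS code: a small model of the rule evaluation described above (top-to-bottom, first match wins, disabled rules skipped, Default as fallback), useful for checking that a Block rule is not shadowed by a broader rule above it. The rule list, the "VPN" interface name and the dictionary keys are constructed, and wildcard matching is assumed to behave like shell globbing, so *.example.com does not match example.com itself.

```python
import ipaddress
from fnmatch import fnmatchcase

def parse_hostnames(text):
    """Split a Hostnames field or a hosts-format file into lowercase masks."""
    masks = []
    for line in text.replace(";", "\n").splitlines():
        for token in line.split("#", 1)[0].split():
            try:
                ipaddress.ip_address(token)      # address column: ignored
            except ValueError:
                masks.append(token.lower().rstrip("."))
    return masks

def select_rule(rules, default, hostname, interfaces_up=()):
    """Return the first enabled rule, top to bottom, that matches hostname."""
    name = hostname.lower().rstrip(".")
    for rule in rules:
        if not rule.get("enabled", True):
            continue
        iface = rule.get("interface")
        if iface and rule.get("ignore_if_down") and iface not in interfaces_up:
            continue                             # "Ignore the rule" box checked
        if any(fnmatchcase(name, m) for m in parse_hostnames(rule["hostnames"])):
            return rule
    return default

# Constructed rule list; names, hostnames and the "VPN" interface are made up.
DEFAULT = {"name": "Default", "action": "Bypass"}
RULES = [
    {"name": "Corp", "action": "Process", "hostnames": "*.corp.example",
     "interface": "VPN", "ignore_if_down": True},
    {"name": "Ads", "action": "Block",
     "hostnames": "0.0.0.0 ads.example.com\n127.0.0.1 tracker.example.net"},
    {"name": "Example", "action": "Process",
     "hostnames": "*.example.com; example.com"},
]

if __name__ == "__main__":
    for host in ("ads.example.com", "www.example.com", "intranet.corp.example"):
        print(host, "->", select_rule(RULES, DEFAULT, host)["name"])
```

With the list reversed, ads.example.com is caught by the Example rule first and the Block rule never fires, which is the ordering mistake this check is meant to expose.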

The DNSSEC section consists of two options. Reject unsigned names tells YogaDNS to reject the result of a resolve if it does not have a valid DNSSEC signature. Currently, only a limited number of domains support DNSSEC, so be sure to select them properly. Please also note that the validation takes place on the DNS Server side, so you need to have a secure connection with it. Otherwise, the result can be vulnerable to a man-in-the-middle attack. To prevent this, you can also enable the Request and validate all signatures option, although this can significantly slow down name resolutions. Use the Debug Log to troubleshoot DNSSEC.

Pools and Relays

DNS Servers and DNS relays can be combined into a pool. If you assign such a pool to a rule, YogaDNS will use a random DNS server from this pool to make a resolution. This will improve the redundancy and distribute the load.

Another scenario for the pools is the use of DNS relays (a.k.a. Anonymized DNS). In this case, a pool should contain relay(s) and DNSCrypt server(s). YogaDNS will forward queries over the relay(s) to the DNSCrypt server(s), and, thus, the queries will be anonymized. If a pool contains more than one server or relay, a random server or relay will be used for each query.

To create a pool, open Configuration->DNS Servers via the menu or the toolbar icon. Use the Add... button to add the DNS Servers that you would like to group into a pool. You can add a relay as you would add a DNS server, but it should have the protocol Relay. Then, click Pools and then the Create button. A New Pool will be created. The pool name can be edited, and you can add DNS servers from the list to the pool by Drag and Drop. Use the Check button to check servers and pools.

Figure: DNS Server Pools

The above example illustrates the use of pools. Two pools are defined: Anonymized DNS and Redundancy.

The Anonymized DNS pool contains the DNSCrypt server comodo-02 and the relay anon-cs-fi. All requests to this pool will be processed by the comodo-02 server over the anon-cs-fi relay. If the server or the relay fails, the resolution will also fail.

Below is a verbose log example of a resolution request processed through this pool:

[03.02 14:40:24] iana.org - request : type=A, server=192.168.1.1:53, program=nslookup.exe
[03.02 14:40:24] iana.org - process : server=comodo-02 (DNSCrypt, pool Anonymized DNS, relay anon-cs-fi, 8.20.247.2), rule=Default
[03.02 14:40:24] iana.org - reply : type=A, ips=192.0.43.8

The Redundancy pool contains four DNS servers with various protocols. YogaDNS will use a random server for each query. If one server fails, the query also fails, but the DNS client will likely attempt a retry that may be processed by another server, as in this example:

[03.02 15:07:13] iana.org - request : type=A, server=192.168.2.1:53, program=nslookup.exe
[03.02 15:07:13] iana.org - process : server=Bad Server (Plain, pool Redundancy, 172.20.1.1), rule=Default
[03.02 15:07:15] iana.org - request : type=A, server=192.168.2.1:53, program=nslookup.exe
[03.02 15:07:15] iana.org - process : server=Google #1 (Plain, pool Redundancy, 8.8.8.8), rule=Default
[03.02 15:07:15] iana.org - reply : type=A, ips=192.0.43.8

DNS Servers Import

You can import publicly available DNS Servers to YogaDNS from the web using the Import from the web... button in the DNS Servers window (Configuration->DNS Servers). After the button is clicked, the dialog box with the import settings opens.

Figure: DNS Servers Import Settings

Here, you can edit URLs with the DNS server list that YogaDNS will use to load the servers. The servers will be checked with the Test domain. The number for Servers per time can be adjusted according to your network conditions.

If you click the Load button, YogaDNS will begin loading servers from the specified URLs and will display the following window:

Figure: DNS Servers Import

Use the Check All or the Check Marked button to check the servers. The check results will be indicated by color (green or red). Round trip time (RTT) will be shown in the Status column. This number is approximate and varies greatly from test to test. Click on the column header to sort the list accordingly.

Figure: DNS Servers Import Checked

To select the servers that you wish to import to YogaDNS, mark them by ticking the square on the left side of the list and then click the Import Marked button. You can mark multiple servers at once by selecting them with the mouse while holding the SHIFT or CTRL key and pressing the SPACE key on the keyboard. To delete servers from the list, press the DELETE key. You can Reload the servers again and change the Settings.

Configuration Files and Logs

YogaDNS stores configurations in files (human-readable XML). From the File menu, you can Import Configuration from and Export Configuration to a file. New Configuration will reset the configuration to the default values. All DNS Servers and Rules will be deleted.

YogaDNS provides highly detailed, real-time messages about all activities. The messages can be output on the screen (log window) and/or as a file. There are four levels of verbosity: Errors Only, Normal, Verbose and Debug. You can set them independently for Screen and File through the toolbar or Log menu. To set the log file path, go to Log->File->Set Log Folder..., or to open the log folder, go to Log->File->Open Log Folder....
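
Added example, not part of YogaDNS: a log audit that reads lines in the format of the samples on this page and reports which hostnames were bypassed, which were sent to a Plain (unencrypted) server, and which process lines never got a reply. It assumes the file log uses the same line layout as the on-screen samples, and the reply tracking is a per-hostname heuristic; the sample lines are taken from the log excerpts above.

```python
import re

LINE = re.compile(r"^\[[\d.]+ [\d:]+\] (?P<host>\S+) - (?P<event>\w+) : (?P<rest>.*)$")
SERVER = re.compile(r"server=(?P<name>.+?) \((?P<proto>[^,)]+)[^)]*\)")

# Lines copied from the log samples shown earlier on this page.
SAMPLE = """\
[10.31 15:53:16] google.com - bypass : rule=Default
[03.02 14:40:24] iana.org - request : type=A, server=192.168.1.1:53, program=nslookup.exe
[03.02 14:40:24] iana.org - process : server=comodo-02 (DNSCrypt, pool Anonymized DNS, relay anon-cs-fi, 8.20.247.2), rule=Default
[03.02 14:40:24] iana.org - reply : type=A, ips=192.0.43.8
[03.02 15:07:13] iana.org - request : type=A, server=192.168.2.1:53, program=nslookup.exe
[03.02 15:07:13] iana.org - process : server=Bad Server (Plain, pool Redundancy, 172.20.1.1), rule=Default
[03.02 15:07:15] iana.org - request : type=A, server=192.168.2.1:53, program=nslookup.exe
[03.02 15:07:15] iana.org - process : server=Google #1 (Plain, pool Redundancy, 8.8.8.8), rule=Default
[03.02 15:07:15] iana.org - reply : type=A, ips=192.0.43.8
"""

def audit(lines):
    """Summarize bypassed, plain-DNS and unanswered resolves from log lines."""
    report = {"bypass": [], "plain": [], "no_reply": []}
    pending = {}                      # hostname -> server that has not replied yet
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue                  # not a resolve line (or unknown format)
        host, event = m["host"], m["event"]
        if event == "bypass":
            report["bypass"].append(host)
        elif event == "process":
            s = SERVER.search(m["rest"])
            if not s:
                continue
            if host in pending:       # previous attempt was never answered
                report["no_reply"].append((host, pending[host]))
            pending[host] = s["name"]
            if s["proto"] == "Plain":
                report["plain"].append((host, s["name"]))
        elif event == "reply":
            pending.pop(host, None)
    report["no_reply"] += list(pending.items())
    return report

if __name__ == "__main__":
    for kind, hits in audit(SAMPLE.splitlines()).items():
        print(kind, hits)
```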