There is a point to this story, but it has temporarily escaped my mind...
Contact Me MyFaceBook MyLinkedIn MyGitHub MyTwitter

IPv4 Over DNS

IP over DNS encapsulates IP traffic inside of DNS requests, allowing access to the Internet from behind captive portals. (coffee shops, airports, restrictive corporate network, etc.) Captive portals usually block all traffic but they allow DNS requests to flow through so that you can look up host names, If you can look up host names via DNS, you can create a IP tunnel over DNS.

For this to work you need a couple of things,

  • A registered domain name;
  • A DNS server or access to a DNS Server that you can configure to resolve DNS queries for the registered domain name;
  • A machine on the Internet that can run a fake DNS server.

Domain Setup

Choose a sub-domain for you domain. you will need to create two DNS records on the DNS server. One “NS” record and one “A” record.

NS (Name Servers)

dtun.example.com.  NS    ns-dtun.example.com.

A (Host)

ns-dtun.example.com.          A     192.0.2.3

The purpose of this is that all requests to a certain sub-domain will be delegated to another name server which is running the fake DNS server.

Fake DNS Server

To install the fake DNS server software, you need to set up Perl and install some modules if they are not already installed.

perl -MCPAN -e 'install MIME::Base32'
perl -MCPAN -e 'install Net::DNS'
perl -MCPAN -e 'install Digest::CRC'

Download and extract ozymandns_src_0.1.tgz

Start the software:

sudo ./nomde.pl -i 0.0.0.0 dtun.example.com

Make sure that the firewall on the server running the Fake DNS service allows port 53 inbound for TCP and UDP. The Perl script tends to crash frequently so I wrap it in a script that will re-run it in case of a crash:

#!/bin/sh

while [ 1 ]; do
 ps -ef | grep -v grep | grep nomde
 if [ \$? -eq 1 ]
  then
   ./nomde.pl -i 0.0.0.0 dtun.example.com
 else
  echo .eq 0 - daemon found - do nothing.
 fi 
done

Save this file as ozymandns.sh and run it like '( (./ozymandns.sh & ) & )' so that the script will keep running after you log out from your machine.

Client Setup

On the client side, install Perl and the same Perl modules as the server. You will also need SSH. For Windows machines, Cygwin provides all of the necessary software… Using SSH's ProxyCommand, all communication will be sent using droute.pl through the DNS tunnel to the server.

ssh -o ProxyCommand="./droute.pl dtun.example.com" -N -D 9999 -C user@localhost -v

This command will create a SOCKS proxy between the client and the server. To use it, you'll need to configure your software to communicate through SOCKS. Both FireFox and ThunderBird can do this. The connection is slow, but good enough for checking your email or surfing.

Circumventing a captive portal or restrictive corporate firewall may be illegal or get you fired from your job. Use at your own risk.

Further Reading

Copyright © 2015 by Julian Easterling. SOME RIGHTS RESERVED.

Creative Commons License
Except where otherwise noted, content on this site is
licensed under a Creative Common Attribution-Share Alike 4.0 International License.


All of the opinions expressed on this website are those of Julian Easterling and
do not represent the views of any of my current and previous clients or employers in any way.

If you notice an error on the site or content that has not been properly attributed, bring
it to my attention using the contact page and I will endeavor to fix it as soon as I can.

I accept no responsibility or liability for any damages incurred by following any of
my advice or by using any of the information on my site or of those sites that I link to.