DNS is also an optional part of the Singbox configuration. It can be useful for clients of the Singbox that are behind DNS censorship. Sing-Box can be configured to use a specific DNS server or a list of DNS servers to resolve domain names. You can also create rules for the Singbox to determine how each server should be used.
"dns": {
"servers": [],
"rules": [],
"final": "",
"strategy": "",
"disable_cache": false,
"disable_expire": false
}Code language: JSON / JSON with Comments (json)Sing-Box allows you to select from various DNS protocols and configure the servers you want to use for domain queries. You can create rules to specify that certain domains should be queried through different DNS servers.
This can be useful when you want to avoid appearing as though you are attempting to bypass censorship, as a lack of DNS traffic can be a red flag.
Using your ISP’s DNS for specific domains will make your online activity more typical to external observers.
For example, the below configuration uses the DNS server from dci.ir to query all .ir domains, and the rest is sent to Google’s 8.8.8.8 server.
"dns": {
"servers": [{
"tag": "local",
"address": "217.218.127.127",
"detour": "direct"
},
{
"tag": "google",
"address": "tls://8.8.8.8"
}, {
"tag": "block",
"address": "rcode://success"
}
],
"rules": [{
"geosite": "category-ads-all",
"server": "block"
}, {
"domain_suffix": "ir",
"server": "local"
}],
"final": "google",
"strategy": "prefer_ipv4",
"disable_cache": false,
"disable_expire": false
}
Code language: JSON / JSON with Comments (json)In the above example, the detour refers to where DNS traffic will be sent. If we do not define a detour, specific DNS server traffic will be sent via your default outbound, which will be defined later in the routing section.
To hijack the DNS traffic of your clients using Sing-Box, the sniff function for your specific inbound must be enabled. Alternatively, you can route DNS traffic through the “dns-out” option in the routing section. Here is an example from official documentation.
Review other configurations for the Singbox, such as Log settings, inbounds and outbounds, routing rules, and its experimental features.
