Built-in DNS Service
Custom Upstream DNS Servers
Stash supports configuring multiple DNS servers simultaneously. When making a query, Stash will request all servers concurrently and use the quickest response. Stash supports the following DNS protocols:
- Use system-provided DNS: system
- DNS over UDP: 8.8.8.8 or udp://8.8.8.8
- DNS over TCP: tcp://8.8.8.8
- DNS over TLS: tls://8.8.8.8:853 or dot://8.8.8.8:853
- DNS over HTTPS: https://1.1.1.1/dns-query or doh://1.1.1.1/dns-query
- DNS over QUIC: quic://dns.adguard.com:853 or doq://dns.adguard.com:853
default-nameserver is used to resolve the domain names of DNS services and only accepts the IP addresses of DNS servers.
dns:
  # The following DNS servers will be used to resolve domain names for DNS services.
  # Only enter the IP addresses of DNS servers.
  default-nameserver:
    - 223.5.5.5
    - 114.114.114.114
  # Supports DNS services using UDP / TCP / DoT / DoH / DoQ protocols and can specify the specific connection port number.
  # All DNS requests will be sent directly to the server and will not go through any proxy.
  # Stash will reply to DNS requests with the fastest obtained resolution record.
  nameserver:
    # It is not recommended to configure more than 2 DNS servers, as it will increase system power consumption.
    - https://doh.pub/dns-query
    - https://dns.alidns.com/dns-query
    - quic://dns.adguard.com:853
    - doq://test.dns.nextdns.io:853
    - system # Use iOS system DNS
  # Skip certificate verification to resolve some compatibility issues https://help.nextdns.io/t/g9hdkjz
  skip-cert-verify: true
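As an added example (not part of the Stash documentation or code base), this Python audit checks a dns block like the one above against the rules stated on this page: default-nameserver must hold IP addresses only, every nameserver entry must match one of the listed protocol forms, and no more than 2 servers are recommended. It also reports plaintext upstreams and encrypted upstreams left without certificate validation. Assumptions: the YAML is already parsed into a dict, a bare entry must be an IP address, skip-cert-verify applies to every DoT / DoH / DoQ upstream, and the function and finding names are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# URL scheme -> protocol, taken from the protocol list on this page.
SCHEMES = {"udp": "udp", "tcp": "tcp", "tls": "dot", "dot": "dot",
           "https": "doh", "doh": "doh", "quic": "doq", "doq": "doq"}

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def classify(entry):
    """Protocol of one nameserver entry, or None if it matches no listed form."""
    if entry == "system":
        return "system"
    if "://" not in entry:  # bare form: assumed to be an IP address, sent over UDP
        return "udp" if is_ip(entry) else None
    return SCHEMES.get(urlsplit(entry).scheme)

def audit(dns):
    """Return (finding, detail) tuples for a parsed dns block (hypothetical names)."""
    findings = []
    for addr in dns.get("default-nameserver", []):
        if not is_ip(addr):  # page: IP addresses only
            findings.append(("default-nameserver-not-ip", addr))
    servers = dns.get("nameserver", [])
    protos = [(s, classify(s)) for s in servers]
    for server, proto in protos:
        if proto is None:
            findings.append(("unrecognised-nameserver", server))
        elif proto in ("udp", "tcp"):
            # All servers are queried concurrently, so every lookup is also sent here in clear text.
            findings.append(("plaintext-upstream", server))
    encrypted = [s for s, p in protos if p in ("dot", "doh", "doq")]
    if dns.get("skip-cert-verify") and encrypted:
        findings.append(("cert-verification-disabled", ", ".join(encrypted)))
    if len(servers) > 2:  # page: more than 2 servers is not recommended
        findings.append(("more-than-2-nameservers", str(len(servers))))
    return findings

# Constructed input: the example dns block from this page, already parsed into a dict.
SAMPLE = {
    "default-nameserver": ["223.5.5.5", "114.114.114.114"],
    "nameserver": ["https://doh.pub/dns-query", "https://dns.alidns.com/dns-query",
                   "quic://dns.adguard.com:853", "doq://test.dns.nextdns.io:853", "system"],
    "skip-cert-verify": True}
print(audit(SAMPLE))
```

For the page's example block the audit reports two findings: certificate verification is disabled for the four DoH / DoQ upstreams, and five servers are configured.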
Stash uses the LRU algorithm to cache DNS queries locally. When a cached record expires, Stash continues to serve the cached result and silently updates the record in the background, which reduces the request delay caused by DNS cache expiration.
Domain-Based Custom DNS Service
nameserver-policy can use a specific DNS server for a specified domain name.
dns:
  # Use a specific DNS server for certain domain names
  nameserver-policy:
    'www.baidu.com': 114.114.114.114
    '+.internal.crop.com': system
Custom Hosts
# Supports wildcard domains (e.g. *.clash.dev, *.foo.*.example.com)
# Non-wildcard domain names have a higher priority than wildcard domain names (e.g. foo.example.com > *.example.com > .example.com)
# Note: the effect of +.foo.com is equivalent to .foo.com and foo.com
hosts:
  '*.clash.dev': 127.0.0.1
  '.dev': 127.0.0.1
  'alpha.clash.dev': '::1'