
How to resolve the DNS locally when there is a proxy configured?

Writer Andrew Mclaughlin

If I configure the proxy, under Settings -> Network -> Proxy, and then try to access "", the name resolution (IP of google.com) will happen there, at the proxy server but...

How can I change this behavior?

I mean, I need to resolve the DNS locally at my Desktop, BEFORE hitting the proxy.

But why?

This way, I'll configure "ignore-hosts with lots of subnets (IPv4 / IPv6), that don't need the proxy to reach them", then, Ubuntu first needs to:

1- Resolve the DNS locally (i.e. not via proxy too);

2- Try to match the locally discovered website IP with "ignore-hosts" settings;

Is it possible?

Tks! Thiago

3 Answers

This isn't possible when you use an HTTP proxy because:

  • The server you connect to is that of the proxy, not of the ultimate destination.
  • You send the full URL (including hostname) of your request to the proxy. The proxy then does the request on your behalf.

Therefore, it must be the proxy that does the DNS lookup.

It isn't possible to do the DNS lookup locally, and send only the IP address to the proxy server. Firstly, there is no mechanism to specify that the proxy should try a particular IP address for a particular host. You could change the URL from, say, to , but then the proxy server won't know which hostname to request, an important part of the modern web (HTTP/1.1 and later), which depends on a Host header always being present in a request, removing the restriction that all hostnames be served from different IP addresses.

Your best bet would be to configure the proxy server to use the DNS resolver of your choice. This would only be possible if you use a local proxy server that you control.

Note: When you use a SOCKS proxy or another lower-level tunnelling method, you can use a local DNS server. Just not with an HTTP proxy.

2

edit: Or you can use a PAC file to control usage of proxy or not depending on your criteria. Autoproxyresultcache if applicable must be off.

You can install Technitium and be the DNS server.

You need a redsocks proxificator (it will be very difficult to set up because it uses iptables) + some local proxy intermediary like this.

Feature of redsocks is that DNS queries by default go directly, not through proxy. Run: sudo -H -u proxyuser socks5-server. And then the browser or any application.
socks5-server is not necessary, but otherwise you have to run your browser from another user (proxyuser), and run it with xhost+ option.

Instead of redsocks + socks5-server you can try proxychains + 3proxy (socks) > browser. proxychains is a rather weak proxificator and doesn't support all applications (it doesn't support statically linked binaries). And then disable SOCKS DNS in your browser. I have not tested this way.

In Windows you can use Proxifier.

2
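The PAC-file approach mentioned in the answers above, shown as an added example that is not part of any of the original posts: the client resolves the name itself, compares the address with a list of "no proxy" subnets, and only then chooses DIRECT or the proxy. The subnets, the proxy address `proxy.example.internal:3128` and the sample DNS table are constructed values, and the example compares IPv4 addresses only.

```javascript
// Constructed "ignore-hosts" subnets as [network, netmask] pairs.
var DIRECT_NETS = [
  ["10.0.0.0", "255.0.0.0"],
  ["192.168.0.0", "255.255.0.0"],
  ["203.0.113.0", "255.255.255.0"]
];
// Hypothetical proxy. No "; DIRECT" fallback, so a proxy outage fails closed.
var PROXY = "PROXY proxy.example.internal:3128";
// Constructed answers, used only when the file runs outside a browser.
var SAMPLE_DNS = { "intranet.example": "10.1.2.3", "www.example.org": "198.51.100.7" };

// dnsResolve() is a PAC built-in; fall back to the table when it is absent.
function resolveLocally(host) {
  if (typeof dnsResolve === "function") return dnsResolve(host);
  return SAMPLE_DNS.hasOwnProperty(host) ? SAMPLE_DNS[host] : null;
}

// Dotted quad -> unsigned 32-bit integer, or null if not a valid IPv4 address.
function ipv4ToInt(ip) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(ip || "");
  if (!m) return null;
  var n = 0;
  for (var i = 1; i <= 4; i++) {
    var octet = parseInt(m[i], 10);
    if (octet > 255) return null;
    n = n * 256 + octet;
  }
  return n;
}

// Same comparison as the PAC built-in isInNet(), written out so it can be tested.
function inSubnet(ip, net, mask) {
  var a = ipv4ToInt(ip), n = ipv4ToInt(net), m = ipv4ToInt(mask);
  if (a === null || n === null || m === null) return false;
  return ((a & m) >>> 0) === ((n & m) >>> 0);
}

function FindProxyForURL(url, host) {
  // Literal IPs need no lookup; names are resolved on the client.
  var ip = ipv4ToInt(host) !== null ? host : resolveLocally(host);
  for (var i = 0; i < DIRECT_NETS.length; i++) {
    if (inSubnet(ip, DIRECT_NETS[i][0], DIRECT_NETS[i][1])) return "DIRECT";
  }
  // Failed lookup, non-IPv4 answer, or address outside the list: use the proxy.
  return PROXY;
}
```

For requests that do go to the proxy, the proxy still performs its own lookup of the hostname, as the first answer explains; the local lookup only decides whether the proxy is used at all.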
