GDNS Network-Wide DNS Filtering Solution

Flexible Deployment

Runs on commodity hardware and containers (Linux, Windows, Docker)

Privacy & Security

Secure, encrypted DNS queries and Supports DoH, DoT, and DNSCrypt to prevent ISP

Network-wide Protection

Blocks ads, trackers, and phishing domains across the entire network without installing apps on individual devices

Performance & Efficiency

Lightweight resource consumption and DNS caching reduces latency and improves browsing speed

 

Product Overview

G-DNS provides network-wide protection by blocking ads, trackers, malware, and phishing domains at the DNS level before they reach user devices. It enhances privacy with encrypted DNS support and DNSSEC validation, ensuring secure and authentic responses. Flexible to deploy across multiple platforms, it offers simple management through a web dashboard and API, while its lightweight design and caching deliver fast performance. Cost-effective and easy to use, G-DNS enables safer and cleaner internet access for all devices on the network.

Key Features

 

  • DNS-based filtering: block ads, trackers, analytics, and malicious domains.
  • Custom rules: whitelist/blacklist, Adblock-style syntax support.
  • Encrypted DNS: DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), DNSCrypt.
  • Client-based policies: per-device filtering (IP, MAC, Client ID).
  • Parental controls: optional blocklists for adult content.
  • Cross-platform: Linux, Windows, macOS, Raspberry Pi, Docker.
  • Web-based admin interface: statistics, query logs, top clients.
  • REST API: automate config, retrieve logs, integrate with tools.

Security & Compliance

 

  • Privacy-first: no data collection, logs remain local unless exported.
  • Encrypted DNS: prevents ISP-level DNS snooping and manipulation.
  • DNSSEC validation: ensures integrity of upstream DNS answers.
  • Configurable log retention: align with compliance requirements.

Deployment Scenarios

  • Standalone mode: simple resolver for single and multi LAN.
  • Docker/Kubernetes: containerized deployment in cloud or lab.
  • Forwarding mode: integrate with Unbound or upstream DoH/DoT providers.
  • Hybrid: combine with enterprise firewall or gateway filtering.

Architechture

The architecture ensures that all DNS requests flow through G-DNS first, where filtering and security policies are applied. Only safe and allowed requests are then forwarded to upstream DNS servers, creating a secure, private, and ad-free network environment.

How its working

When a client device sends a DNS request, G-DNS receives and identifies the source, applying the appropriate filtering profile based on IP, MAC, or device ID. The request is then checked against blocklists, custom rules, and per-client policies. If the domain is blocked, a safe response (such as 0.0.0.0 or NXDOMAIN) is returned immediately. If allowed, G-DNS consults its local DNS cache; if a valid cached entry exists, it is delivered directly, reducing latency.

Otherwise, the query is securely forwarded to configured upstream resolvers, which may be public DNS services or internal recursive resolvers, using DoH, DoT, or DNSCrypt. Responses are validated (with DNSSEC when enabled), cached for future use, logged into the query database, and displayed in the dashboard. Finally, the resolved answer is returned to the client, ensuring that all devices benefit from filtered, private, and efficient DNS resolution.

Management

G-DNS provides a web-based management interface that makes configuration and monitoring straightforward. Through the dashboard, administrators can view real-time statistics such as the number of queries processed, the percentage of blocked requests, top client devices, and frequently queried domains.
The management page also allows easy control of filtering rules. Administrators can add or remove blocklists, configure custom whitelist and blacklist entries, and assign different policies to specific clients or groups of devices. Each client can be identified by IP, MAC address, or device ID, enabling per-device filtering and parental control.
For advanced users, G-DNS includes a REST API, which allows automation, integration with monitoring tools, and external reporting. Logs and historical statistics are also accessible directly through the interface, making it simple to analyze traffic patterns or troubleshoot issues.

Systems Requirement