Where I live, at the outsides of Cordoba, I got really few choices of ISPs. The big players like Fibertel don’t reach this area, so I got to choose between some small WISP that exists over here.

I went with Infodocta’s option, and after initial setup, I ran to my router to change the DNS so I could be able to watch US Netflix. I saw with surprise that my public IP changed randomly, that made me think that my ISP had several gateways to the internet, and I was being victim of their load balancer, making impossible to use one of the DNS services that offer you US Netflix, as they use your IP to identify you as a customer. So I took hands on the Job, and I setup my own DNS with HAproxy to get Netflix. This caused my second surprise. When I got everything ready, and pointed my router to my new DNS server, I discovered, that Infodocta was also making a redirection of every dns call to their own DNS. This upset me a lot, so I decided to go ahead and encrypt all my DNS traffic, as a full VPN solution was not the solution that I was looking for. The solution to my problem was to install a dnscrypt-wrapper server on my DNS server and to modify the dnsproxy for Mac OS X to be able to tunnel dns traffic into that direction, bypassing all the filtering that my ISP was doing.

Software Required:

• Debian GNU/Linux Server VM located in the US(Can be other distro, this guide is based on Debian 7)
• Dnsmasq Server (I choose dnsmasq because it is able to redirect only certain A hosts of a domain to other IP)
• Dnscrypt-wrapper (Server side of the dnscrypt solution)
• Dnscrypt-OSxClient (Graphical tool for Mac OS X)

So basically what we are going to do is to setup a dns caching server that redirects certain hosts (Netflix) to our proxy and forward all the other queries to google or OpenDNS for proper resolution. All this queries will be done through an encrypted tunnel to avoid hijack.

Dnsmasq

A simple apt-get command will get your dnsmasq up and running.

apt-get install dnsmasq

Now go to /etc/dnsmasq.conf and add the following:

address=/www.humblebundle.com/104.131.27.181
address=/s.hulu.com/104.131.27.181
address=/play.hulu.com/104.131.27.181
address=/signup.netflix.com/104.131.27.181
address=/www.netflix.com/104.131.27.181
address=/appboot.netflix.com/104.131.27.181
address=/cbp-us.nccp.netflix.com/104.131.27.181
address=/a248.e.akamai.net/104.131.27.181
address=/api-global.netflix.com/104.131.27.181
address=/movies.netflix.com/104.131.27.181
address=/movies1.netflix.com/104.131.27.181
address=/secure.netflix.com/104.131.27.181
address=/moviecontrol.netflix.com/104.131.27.181
address=/api.netflix.com/104.131.27.181
address=/api-us.netflix.com/104.131.27.181
address=/uiboot.netflix.com/104.131.27.181
address=/cbp.nccp.netflix.com/104.131.27.181
address=/ios.nccp.netflix.com/104.131.27.181
address=/xbox.nccp.netflix.com/104.131.27.181
address=/nccp-nrdp-31.cloud.netflix.net/104.131.27.181
address=/nintendo.nccp.netflix.com/104.131.27.181
address=/playstation.nccp.netflix.com/104.131.27.181
address=/nrdp.nccp.netflix.com/104.131.27.181
address=/android.nccp.netflix.com/104.131.27.181
address=/video.dl.playstation.net/104.131.27.181
address=/ssm.internet.sony.tv/104.131.27.181
address=/ssm1.internet.sony.tv/104.131.27.181
address=/ssm2.internet.sony.tv/104.131.27.181
address=/ssm3.internet.sony.tv/104.131.27.181
address=/treb.internet.sony.tv/104.131.27.181
address=/www.wdtvlive.com/104.131.27.181
address=/www.pandora.com/104.131.27.181
address=/tuner.pandora.com/104.131.27.181
address=/mediaserver-sv5-rt-1.pandora.com/104.131.27.181
address=/abc.go.com/104.131.27.181
address=/api.watchdisneyxd.go.com/104.131.27.181
address=/api.watchabc.go.com/104.131.27.181
address=/www.crackle.com/104.131.27.181
address=/api.crackle.com/104.131.27.181
address=/ios-api.crackle.com/104.131.27.181
address=/ios-api-us.crackle.com/104.131.27.181
address=/appletv.crackle.com/104.131.27.181
address=/android-api-us.crackle.com/104.131.27.181
address=/xboxone-api-us.crackle.com/104.131.27.181
address=/ps3-api-us.crackle.com/104.131.27.181
address=/roku-api.crackle.com/104.131.27.181
address=/content.uplynk.com/104.131.27.181
address=/c.brightcove.com/104.131.27.181
address=/release.theplatform.com/104.131.27.181
address=/www.crunchyroll.com/104.131.27.181
address=/api.crunchyroll.com/104.131.27.181
address=/www.dramafever.com/104.131.27.181
address=/token.dramafever.com/104.131.27.181
address=/static.discoverymedia.com/104.131.27.181
address=/link.theplatform.com/104.131.27.181
address=/www.iheart.com/104.131.27.181
address=/www.last.fm/104.131.27.181
address=/ws.audioscrobbler.com/104.131.27.181
address=/ext.last.fm/104.131.27.181
address=/www.logotv.com/104.131.27.181
address=/activity.flux.com/104.131.27.181
address=/j.maxmind.com/104.131.27.181
address=/mog.com/104.131.27.181
address=/www.mtv.com/104.131.27.181
address=/udat.mtvnservices.com/104.131.27.181
address=/media.mtvnservices.com/104.131.27.181
address=/video.nbcuni.com/104.131.27.181
address=/video.nbc.com/104.131.27.181
address=/video.syfy.com/104.131.27.181
address=/urs.pbs.org/104.131.27.181
address=/www.smithsonianchannel.com/104.131.27.181
address=/once.unicornmedia.com/104.131.27.181
address=/www.spike.com/104.131.27.181
address=/www.thewb.com/104.131.27.181
address=/www.cwtv.com/104.131.27.181
address=/media.cwtv.com/104.131.27.181
address=/pdl.warnerbros.com/104.131.27.181
address=/cdn.wwtv.warnerbros.com/104.131.27.181
address=/www.vevo.com/104.131.27.181
address=/sb.vevo.com/104.131.27.181
address=/videoplayer.vevo.com/104.131.27.181
address=/www.vh1.com/104.131.27.181
address=/screen.yahoo.com/104.131.27.181
address=/geo.yahoo.com/104.131.27.181
address=/geo.query.yahoo.com/104.131.27.181
address=/mvid.yql.yahoo.com/104.131.27.181
address=/hls.video.query.yahoo.com/104.131.27.181
address=/usgageo.edgesuite.net/104.131.27.181
address=/tve_nbc-vh.akamaihd.net/104.131.27.181
address=/ipad-streaming.cbs.com/104.131.27.181
address=/www.sony.net/104.131.27.181
address=/internet.sony.tv/104.131.27.181
address=/applicast.ga.sony.net/104.131.27.181
address=/bravia.dl.playstation.net/104.131.27.181
address=/bravia-e.dl.playstation.net/104.131.27.181
address=/bivl.netflix.com/104.131.27.181
address=/bivl.pandora.com/104.131.27.181
address=/htmltvui-api.netflix.com/104.131.27.181
address=/hlsioscwtv.warnerbros.com/104.131.27.181
address=/hbo.com/104.131.27.181
address=/www.hbo.com/104.131.27.181
address=/store.hbo.com/104.131.27.181
address=/itsh.bo/104.131.27.181
address=/showtimeanytime.com/104.131.27.181
address=/www.showtimeanytime.com/104.131.27.181
address=/hbogo.com/104.131.27.181
address=/www.hbogo.com/104.131.27.181
address=/devicecast.hbogo.com/104.131.27.181
address=/catalog.lv3.hbogo.com/104.131.27.181
address=/profile.hbogo.com/104.131.27.181
address=/pro.hbogo.com/104.131.27.181
address=/hls.hbo.lv3.hbogo.com/104.131.27.181
address=/i.hbo.lv3.hbogo.com/104.131.27.181
address=/pdl.misc.lv3.hbogo.com/104.131.27.181
address=/smooth.misc.lv3.hbogo.com/104.131.27.181
address=/smooth.pro17.lv3.hbogo.com/104.131.27.181
address=/reporting.hbogo.com/104.131.27.181
address=/register.hbogo.com/104.131.27.181
address=/proxy-test.trick77.com/104.131.27.181
address=/dns-test.trick77.com/104.131.27.181