[iodine-users] Difference between iodine and a VPN over UDP port 53

Erich Eckner iodine at eckner.net
Wed Nov 17 17:17:15 CET 2021

On Thu, 19 Aug 2021, Nils Andre wrote:

> Hello everyone,


> As stated on the homepage of iodine, a use case of iodine is to be able
> to access the internet despite being in a network where internet access
> is firewalled but DNS queries are allowed.
> I would imagine that in most cases where this is the case, what is
> actually happening is that requests over all ports but port 53 are
> blocked. With this assumption in mind, how is iodine different than a
> standard VPN over UDP port 53 (in terms of being able to access the
> internet)?

iodine operates several layers above udp: you don't actually need a 
(direct) connection to the dns server, rather you just need a direct 
connection to some (stub) resolver, which can resolve your domain.

This is actually the more common case than "all ports blocked except 53 
udp": Most clients nowadays don't traverse the dns tree, but rather only 
query a stub resolver (e.g. or your ISP's resolver).

> Thanks,
> Nils


More information about the iodine-users mailing list