## Install & Configure
1. Install DNSMasq
  ~~~ sh
  $ brew install dnsmasq
  ~~~

2. Install DNSCrypt-proxy
  ~~~ sh
  $ brew install dnscrypt-proxy
  ~~~
  
3. Configure

  1. /usr/local/etc/dnsmasq.conf ⬇
  2. /Library/LaunchDaemons/homebrew.mxcl.dnscrypt-proxy.plist ⬇
  3. /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist ⬇
  4. Reload `dnscrypt-proxy` service

     ~~~ sh
     $ cd /Library/LaunchDaemons/
     $ sudo launchctl unload homebrew.mxcl.dnscrypt-proxy.plist && sudo launchctl load homebrew.mxcl.dnscrypt-proxy.plist
     ~~~
  5. Reload `dnsmasq` service

     ~~~ sh
     $ sudo launchctl unload homebrew.mxcl.dnsmasq.plist && sudo launchctl load homebrew.mxcl.dnsmasq.plist
     ~~~
  6. Set DNS IP: 127.0.0.1

## Check
### DNS Configuration
~~~ sh
$ scutil --dns
~~~

~~~
...
resolver #1
  search domain[0] : openvpn
  nameserver[0] : 127.0.0.1
  flags    : Request A records, Request AAAA records
  reach    : Reachable,Local Address
...
~~~

### DNSCrypt
~~~ sh
$ nslookup -type=txt debug.opendns.com
~~~

~~~
Server:     127.0.0.1
Address:    127.0.0.1#53

Non-authoritative answer:
debug.opendns.com	text = "server 7.ams"
debug.opendns.com	text = "flags 20 0 2f4 800000000000000"
debug.opendns.com	text = "id 0"
debug.opendns.com	text = "source xxx.xxx.xxx.xxx:xxxxx"
debug.opendns.com	text = "dnscrypt enabled (xxxxxxxxxxxxxxxx)"

Authoritative answers can be found from:
~~~

## Useful links:
* [dnsleaktest.com](https://www.dnsleaktest.com)
* [dnscrypt.org](http://dnscrypt.org)
* [opendns.com](http://opendns.com)
* [dnscrypt.eu](https://dnscrypt.eu)