I gave an E3000 a shot with build 35531 loaded Entware for MIPSEL (tried MIPS too but would not load correctly) and dnscrypt-proxy2. Started with the normal startup command but the CPU was maxed out and no internet access. I tried many different setting in the toml file but nothing helped. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Thu Sep 19, 2019 17:49 Post subject:
on 1043v2, mine didn't want to start i may need to call it, with start up script...on exit it was showing dead.. _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
have you noticed DNScrypt-proxyv2 generates kind of a traffic...it's not that quite, like stubby is...
I haven't monitored any port connections. But do see it checking for a server with best ping time in syslog. It may also be updating security keys. DNScrypt-proxyv2 does have a more complex setup, maybe changes some of the settings. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Thu Oct 10, 2019 15:44 Post subject:
there was an update for opkg upgrade
after that it said, there is a new dnscryptproxyv2.toml-opkg file...i opened it and it was the same settings i made before...so no idea whats happened...
I monitored eth0 with tcpdump -i eth0 and you can
see a tons of DNScrypt conversations...even when there is nothing on....
If i check router with stubby its a quiet... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
I checked my tcpdump and see mostly ipv6 and openvpn server traffic. I don't notice any odd dns traffic. Can you post sample of the DNScrypt-proxyv2 generated traffic so I check my end? _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
its very frequent...i haven't tried any others DNScrypt v2 providers as they are only few...
im fine with those but as you said you have a lots of traffic...
this DNS on my main router is not forced as i do have other routers using different DNS
in the networks but than again their stuff is DoT and i cant see it as they are quiet _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Fri Oct 11, 2019 6:28 Post subject:
mac913 wrote:
mac913 wrote:
By default tcpdump resolves names this can cause dns inquiry.
-nn = Don’t resolve hostnames or port names
-S = Get the entire packet
Try this command...
tcpdump -nnS -i eth0
tried that, i see only arp requests with it only
but with the standard -i eth0 i can see all the crap...
i don't have STP on br0 nor IGMP snooping turned on br0
and my WAN is full of crap too
multicast is filtered too... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
By default tcpdump resolves names this can cause dns inquiry.
-nn = Don’t resolve hostnames or port names
-S = Get the entire packet
Try this command...
tcpdump -nnS -i eth0
tried that, i see only arp requests with it only
but with the standard -i eth0 i can see all the crap...
i don't have STP on br0 nor IGMP snooping turned on br0
and my WAN is full of crap too
multicast is filtered too...
Using the "standard -i eth0" of tcpdump give you also "all the crap..." when using tcpdump. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Sun Oct 20, 2019 14:30 Post subject:
mac913 wrote:
Alozaros wrote:
mac913 wrote:
mac913 wrote:
By default tcpdump resolves names this can cause dns inquiry.
-nn = Don’t resolve hostnames or port names
-S = Get the entire packet
Try this command...
tcpdump -nnS -i eth0
tried that, i see only arp requests with it only
but with the standard -i eth0 i can see all the crap...
i don't have STP on br0 nor IGMP snooping turned on br0
and my WAN is full of crap too
multicast is filtered too...
Using the "standard -i eth0" of tcpdump give you also "all the crap..." when using tcpdump.
yep, using -nnS shows less... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Sun Oct 20, 2019 14:40 Post subject:
i recently tried again dnscrypt-proxy2 on 1043v2...
Entware lets me install it, than manually configured it, this time using DoH servers only, as it takes less CPU i guess..but no success..
for some reason dnscrypt-proxy2 doesn't wont to start normally triggered by /opt/etc/init.d/rc.unslung start, nor starts with /opt/etc/init.d/dnscrypt-proxy2 start
on my R7800 its starts normally with /opt/etc/init.d/rc.unslung start
Am I missing something??
P.S. finally i see that DNScrypt-proxy v2 is just not compatible with MIPS, so not much point to try it..
so far i can confirm its running well on R7800 and R7000 i tried before.. _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Using Asus RT68U with Kong version 39660.
Followed all the installation instructions and configured as follows above standard configuration
server_names = ['cs-useast']
listen_addresses = ['127.0.0.1:30']
when trying to start the service getting failed.
Any ideas where to look? _________________ Netgear R9000 main router
RAX80 as AP
Once Entware is installed you will need install the correct DNScrypt-Proxy V2 package for your router.
- For the R7000 in CLI run "opkg install dnscrypt-proxy2_nohf" without quotes.
- For the R7800 in CLI run "opkg install dnscrypt-proxy2" without quotes.
I haven't done any firmware or entware updates since I installed it, busy with other things. I can recommend if there are more than one dnscrypt-proxy2 listed, uninstall the one you have and try installing the other.
If/when I do test newer installs I will report back. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Wed Nov 13, 2019 13:14 Post subject:
blaser wrote:
Using Asus RT68U with Kong version 39660.
Followed all the installation instructions and configured as follows above standard configuration
server_names = ['cs-useast']
listen_addresses = ['127.0.0.1:30']
when trying to start the service getting failed.
Any ideas where to look?
you have to use only V2 compatible servers...
if you check the list you will see only few support v2
the rest with ver 1.95 support, will not work with v2 as they are not downward compatible...totally different !!
if you follow the guide and your router CPU is supported and has enough power than it will work...otherwise use
stubby or unbound as DNS encrypted alternative... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913