Using Asus RT68U with Kong version 39660.
Followed all the installation instructions and configured as follows above standard configuration
server_names = ['cs-useast']
listen_addresses = ['127.0.0.1:30']
when trying to start the service getting failed.
Any ideas where to look?
you have to use only V2 compatible servers...
if you check the list you will see only few support v2
the rest with ver 1.95 support, will not work with v2 as they are not downward compatible...totally different !!
if you follow the guide and your router CPU is supported and has enough power than it will work...otherwise use
stubby or unbound as DNS encrypted alternative...
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
Posted: Thu Nov 14, 2019 8:16 Post subject:
do you have a NTP time correct ??
set your time zone and use this IP for NTP
216.239.35.4
otherwise check your firewall iptables rules,
do you have a DNSmasq rules that might interfere..
and last resort as there is no wiki i cant check your router CPU specs, make sure DNScrypt-proxy v2 is supported...
do you use NANO to edit, make sure spacing is correct..
if i have a time i ll try to set it again on my
R7000 and will report so far i use DoT on it and its fine.. _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
do you have a NTP time correct ??
set your time zone and use this IP for NTP
216.239.35.4
otherwise check your firewall iptables rules,
do you have a DNSmasq rules that might interfere..
and last resort as there is no wiki i cant check your router CPU specs, make sure DNScrypt-proxy v2 is supported...
do you use NANO to edit, make sure spacing is correct..
if i have a time i ll try to set it again on my
R7000 and will report so far i use DoT on it and its fine..
I decided to install dnssec from the beginning, now it starts, I'm all set, I checked which dns I'm using and looks like it picks the correct DNS _________________ Netgear R9000 main router
RAX80 as AP
Posted: Thu Jan 23, 2020 5:00 Post subject: R7000 v1 dnscrypt proxy2 not starting
Tried installing dnscrypt-proxy2-nohf today by following the guide. Facing issues while starting it with rc.unslung /opt/etc/init.d/rc.unslung start says started. but process is not running tried executiing rc.unslung start multiple times always says started then process stops. Any idea what could have gone wrong?
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
Posted: Thu Jan 23, 2020 14:11 Post subject: Re: R7000 v1 dnscrypt proxy2 not starting
amr_adn wrote:
Tried installing dnscrypt-proxy2-nohf today by following the guide. Facing issues while starting it with rc.unslung /opt/etc/init.d/rc.unslung start says started. but process is not running tried executiing rc.unslung start multiple times always says started then process stops. Any idea what could have gone wrong?
Have you done the toml config file part correctly...?
Did you configure only dnscrypt-proxy2 capable servers??
Otherwise its not working along with old version 1.95 servers...
Do you have NTP time server?
Is NTP time working...?
What is your current build..??
I dont use dnscrypt-proxy2 anymore, as ive found stubby as less troublesome, and takes less resources... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
I used date -u and date commands to see the time. Time is correct and I checked the syslogd logs it is using correct ntp server time.google.com I tried pool.ntp.org as well. Nothing changed. Still dnscrypt is stopping after starting.
for now I will stick to my raspberry pi which already has dnscrypt proxy2 running with pihole. I wanted to use my pi for other router so I was trying to install entware on dd-wrt on netgear R7000. Looks like it will not work
for now I will stick to my raspberry pi which already has dnscrypt proxy2 running with pihole. I wanted to use my pi for other router so I was trying to install entware on dd-wrt on netgear R7000. Looks like it will not work
Joined: 16 Nov 2015 Posts: 6411 Location: UK, London, just across the river..
Posted: Tue Apr 28, 2020 6:11 Post subject:
johnnyNobody999 wrote:
If a server isn't specified does that mean that it will randomly select servers?
if server is not specified it will not work...
if you have a bunch of servers it will use the first than...
in fact you are scouting the options, unbound, stubby, dnscrypt and if security is your goal, the last one is most secure, sadly it needs more understanding and carefully setting it...than stubby...same is for unbound it needs more understanding of the matter...
personally i was using DNScrypt v2 for a while than moved to stubby..the reason was i needed a light solution...and DNScrypt v2 can be blocked by ndpi filter, if you use it as it is, unless you use DoH option in it......while stubby or unbound are FBDS (firewall bypassing dns solution) _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
If a server isn't specified does that mean that it will randomly select servers?
if server is not specified it will not work...
if you have a bunch of servers it will use the first than...
in fact you are scouting the options, unbound, stubby, dnscrypt and if security is your goal, the last one is most secure, sadly it needs more understanding and carefully setting it...than stubby...same is for unbound it needs more understanding of the matter...
personally i was using DNScrypt v2 for a while than moved to stubby..the reason was i needed a light solution...and DNScrypt v2 can be blocked by ndpi filter, if you use it as it is, unless you use DoH option in it......while stubby or unbound are FBDS (firewall bypassing dns solution)
Yep, there's a lot of things that I need to research because there are a lot of things about the dd-wrt firmware and software (that runs on all platforms - like dnscrypt). There's a lot of options in the dd-wrt firmware and I have no idea when to use most of them and info is hard to come by. I'm currently using dnscrypt2 and unbound on a PC in order to get familiar with them before trying to use them on the router. I've noticed that the unbound.conf has a lot of stuff in it including a section for dnscrypt. None of the dnscrypt section is enabled but dnscrypt is working. So, why is there a dnscrypt section in that file? Knowing how all this stuff interacts with each other is somewhat of a mystery. But, it gives me something to do. But the problem is that you can really mess things up and spend days trying to restore to a working system. Some of the log info is quite cryptic at times though. But, I'm getting better at not messing up stuff. It's nice to have options but hopefully someone with come up with with simpler solutions in the future. Too many options can cause someone to not make a decision (like when buying a car or TV or oven or whatever).