@SurprisedItWorks i gave the commands without luck
When i am doing the standard leak test
or the Adguard Test https://adguard.com/en/test.html
i can not see the numbers or at least the dns provider i have put in static DNS section under Setup > Basic Setup > Network Setup or with iptables for a specific ips
Even if i see the correct dns in wifi/ip-status in my mobile phone when i am doing the dns leak tests i am getting some dns numbers belong to Google .
I have tried a lot of combination in the tplink 841n with 34311 and the tplink 842nd with one of the latest versions without luck.
Joined: 16 Nov 2015 Posts: 3573 Location: UK, London, just across the river..
Posted: Fri May 22, 2020 20:08 Post subject:
hmm some devices have preset DNS to 220.127.116.11 ggl...like your phone or smart TVs and so on than your best bet is if your ruter has USB than you can run stubby which encrypts DNS with TLS encryption...
or can try to trick, that device on router level with, IPtables rules...
set that IP to your device that you try if this rule doesnt work than you'd need stubby... _________________ Atheros
TP-Link WR740Nv1 ------DD-WRT 43261 BS WAP/Switch
TP-Link WR740Nv4 ------DD-WRT 43028 BS AP,NAT
TP-Link WR1043NDv2 ----DD-WRT 42287 BS AP,NAT,AD Block,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----DD-WRT 43261 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN
TP-Link WR1043NDv2 ----Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Netgear R7800 -------DD-WRT 43290 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Netgear R7000 -------DD-WRT 43290 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
Stubby for DNS over TLS I DNSCrypt v2 via Entware by mac913
it is not working. i tried before i think.
is it hard to install stubby?
I have only a mobile phone here.
Is it enough the tp-link 842nd with 8MB ram and a USB port?
i was thinking two other ways if it is possible.
To check if the Adblock dns provider have some alternative port Except the 53.
if there is such an option will you help to find a solution?
And if we can set another dd-wrt router i have in another house working like PPPoe client to accept DNS requests from here.
Probably i will have more delay but if it is easy i can try.
The only problem for this tjat is none there to do something if something goes wrong in that dd-wrt PPPoe router
Joined: 04 Aug 2018 Posts: 743 Location: Appalachian mountains, USA
Posted: Fri May 22, 2020 22:40 Post subject:
Your last two rules are identical. One of them needs a slightly different destination address. _________________ Six Linksys WRT1900ACSv2 (40009/41954/42926):
VLANs, multiple VAPs, NAS, QoS, client-mode travel router, OpenVPN client/PBR (AirVPN), two DNSCrypt servers (incl Quad9) routed through vpn.
Joined: 11 Oct 2015 Posts: 14 Location: Stockholm, Sweden
Posted: Sat May 23, 2020 8:08 Post subject:
Little off-topic, I take a gamble just to give some hints: outsource your dns/dhcp from the router.
It's alot easier if you have advanced dns issues and configuration to put your dns service on another server.
Example from my setup:
For my main network (ex. 192.168.1.x) I have disabled DHCP on the router and compiled a configured dnsmasq running on a Raspberry Pi. It also serves as a DHCP-server for my main network. On the routers firewall outbound DNS is blocked except for specified dns-servers.
For my guest network (ex. 192.168.2.x) DHCP is enabled on dd-wrt router (see below).
In the router gui [Services>Services: Dnsmasq] I have added:
In this way guests get access to it's own DNS-configuration and my main network has another. For example, I use an adblocker on my raspberry to serve my main network. But for guests there is no adblocking. And if I get some issues due to adblocking I could quickly test if that's the case by changing networks. _________________ Build: DD-WRT v3.0-r43055 std (05/05/20)
Router: Netgear AC2600 X4S R7800NE-100PES
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614