How To Guide: Encrypt DNS on your WRT

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Goto page Previous  1, 2
Author Message
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1198
Location: Appalachian mountains, USA

PostPosted: Thu May 06, 2021 15:40    Post subject: Reply with quote
On the WRT3200ACM the fallback build currently regarded as the relatively "stable" option is 44048. Before that one, 40009 was the goto build for some time. Newer builds are giving 3200 owners considerable stress, but if you want to try, 46069 is working for some people, particularly those without Apple devices in their networks. See the new-build threads for more detail.
_________________
Five WRT1900ACSv2's on 44048, 46069, 46816: VLANs, VAPs, NAS, client mode, OpenVPN client (AirVPN), DDNS, wireguard servers and clients (AzireVPN), two DNSCrypt DNS providers (incl Quad9) via OpenVPN/wireguard clients.
Sponsor
itwontbewe
DD-WRT User


Joined: 29 Sep 2020
Posts: 130

PostPosted: Wed Jun 09, 2021 13:10    Post subject: Reply with quote
your custom conf has to be at

/jffs/etc/unbound.conf

https://svn.dd-wrt.com/changeset/30220
https://svn.dd-wrt.com/changeset/36376

the tinkeruntilitworks guide had it wrong until 04/27/20
whatsashell
DD-WRT Novice


Joined: 26 Mar 2017
Posts: 37

PostPosted: Sat Jun 12, 2021 0:04    Post subject: Reply with quote
Has anyone had their ISP's say anything about this?

Just a quick wireshark test and it becomes painfully clear you're running a DNS server with all these encrypted requests.
ATHF
DD-WRT Guru


Joined: 14 Dec 2015
Posts: 741
Location: 127.0.0.1

PostPosted: Sun Jun 20, 2021 6:44    Post subject: Reply with quote
whatsashell wrote:
Has anyone had their ISP's say anything about this?

Just a quick wireshark test and it becomes painfully clear you're running a DNS server with all these encrypted requests.

I haven't been doing it this way, but I have Raspberry Pis doing the DNS with encryption for 4 months and no problems here.

_________________
Tutorial for flashing WRT series
WRT Installation,Upgrade & Basic Setup–Cliff Notes
r46681: WRT3200ACM, WRT1200ACv1 & 1 Velop in bridge mode(IoT subnet), WRT1900ACv1
Velop:2 WHW0101, RE6500, RE9000(AP)
TWC/Spectrum - 1000/50
SysLog Watcher 5, Security Onion 2 on Virtual Box, Fingboxes, PiHoles, NEMS, Cacti, rpisurv
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 4402
Location: UK, London, just across the river..

PostPosted: Sun Jun 20, 2021 12:14    Post subject: Reply with quote
whatsashell wrote:
Has anyone had their ISP's say anything about this?

Just a quick wireshark test and it becomes painfully clear you're running a DNS server with all these encrypted requests.


Its up to your ISP agreement, but in most of the cases they shouldn't have a word against it..as all goes encrypted....via firewall bypassing ports 443, 853 and ect..

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 46974 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 46885 BS AP,NAT,AP Isolation,Ad-Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 46974 BS AP,NAT,AD/Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 46979 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 46979 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,VLAN's,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum