Joined: 16 Nov 2015 Posts: 6388 Location: UK, London, just across the river..
Posted: Wed Jul 27, 2022 9:59 Post subject:
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or maybe it runs 2 times because I use https and tls servers...
_________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Alozaros wrote:
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or maybe it runs 2 times because I use https and tls servers...
It is running one single process with 2 threads.
_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Joined: 16 Nov 2015 Posts: 6388 Location: UK, London, just across the river..
Posted: Wed Jul 27, 2022 18:10 Post subject:
TCB13 wrote:
Alozaros wrote:
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or maybe it runs 2 times because I use https and tls servers...
It is running one single process with 2 threads.
it's quite obvious, isn't it...
my question was addressed towards if this is its normal behaviour...x1 process x2 threads, for example i was running Stubby on this unit and it was x1 process/thread...so my question was more inquisitive, than enlightening ...
@msoengineer, Can you check your PDF (SmartDNS 3) for the additional options in Dnsmasq Infrastructure text box.
You have: Server=/adguard-dns.com/9.9.9.9
This did not work for me. Isn't your setting pointing to Quad 9 to resolve?
(I might not understand why, if this is correct can you explain why as I'm still learning)
What is working for me is: server=/adguard-dns.com/94.140.14.14
My settings that are working (After more hours of tinkering than I want to admit LOL)
SmartDNS Resolver (FINALLY Got it to work with these settings)
# logging is only available on community builds
log-file /tmp/smartdns.log
log-level warn
server-tls 5.2.75.75:853 -host-name dot.nl.ahadns.net
server-tls 9.9.9.9:853
server-tls 94.140.15.15:853 #adguard
# if you use an URL that must resolve first via unencrypted server, set in DNSMasq Options: server=/dns.adguard-dns.com/9.9.9.9
#server-tls dns.adguard-dns.com
Dnsmasq Infrastructure
# for ntp, time is needed for secure DNS
server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
# To resolve adguard DoT server
server=/adguard-dns.com/94.140.14.14
Testing pass Adguard DNS by going to Adguard's "Test" webpage.
Joined: 16 Nov 2015 Posts: 6388 Location: UK, London, just across the river..
Posted: Wed Sep 14, 2022 9:33 Post subject:
ho1Aetoo wrote:
Is everything explained
Quote:
# if you use an URL that must resolve first via unencrypted server, set in DNSMasq Options: server=/dns.adguard-dns.com/9.9.9.9
If you have a URL that needs to be resolved unencrypted then you can add such an entry in the additional settings of dnsmasq.
The entry "server=/dns.adguard-dns.com/9.9.9.9" causes "dns.adguard-dns.com" to be resolved via quad9.
only this one address
-I guess if you use only the servers in SmartDNS option (and you should), it will not use the DNSmasq added servers...(I haven't checked it but it's supposed to be like that)...nor any DNS servers from anywhere else...only those specified in SmartDNS must be used...
-to configure SmartDNS look at my second post and few of the egc posts below https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=323896&postdays=0&postorder=asc&start=135
-you don't need to add any NTP time servers in DNSmasq, as you can add those in IP form in NTP time section...162.159.200.123 is Cloudflare ntp time server, you can add it, if you want, but you can leave the field blank too..just select your time zone and that's it... DDWRT has its own stack of NTP time servers already added by default... and those work out of the box... (I'm still using 162.159.200.123 just because I can )
Joined: 18 Mar 2014 Posts: 12812 Location: Netherlands
Posted: Wed Sep 14, 2022 10:42 Post subject:
I do use NTP servers in DNSMasq Additional Options e.g.:
server=/pool.ntp.org/9.9.9.9
I will explain why
Yes, you can leave the NTP field blank, but it will first try 2.pool.ntp.org and it cannot resolve that; after a timeout it will try IP addresses, and eventually it will resolve if those IP addresses are valid, but it can take some time, which could result in timing out of other processes.
You can enter an IP address in the NTP field but maybe it is not operational, so I leave the NTP field blank and let the pool.ntp.org resolve to a working IP address.
But that is just how I do it
Interesting tip, I've been using the real IP on the NTP field for ages.
Anyways, I've a question about the DNSMasq/SmartDNS integration in DD-WRT. If I enable DNSMasq and SmartDNS it seems to be using DNSMasq to serve DNS queries on the LAN and configuring it to proxy the DNS queries to SmartDNS:
Code:
cat /tmp/dnsmasq.conf
(...)
server=127.0.0.1#6053
Then SmartDNS runs the query, returns the records to DNSMasq that in turn returns it to the device making the request.
Now what if I disable the DNS part of DNSMasq and allow devices to query SmartDNS directly? Does it break anything in DD-WRT?
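An added example, not part of any post in this thread: a small audit of a dnsmasq config that ties together the `server=/domain/ip` exceptions explained above and the `server=127.0.0.1#6053` forwarder shown in the last post. It lists which domains are sent to a specific upstream instead of the local resolver, and checks that the default upstream is loopback. The function names and the sample config are constructed for illustration, and it assumes the loopback upstream is SmartDNS.

```shell
#!/bin/sh
# Constructed sample, modelled on the dnsmasq lines quoted in the thread.
SAMPLE_CONF='# generated part (constructed)
server=127.0.0.1#6053
# additional options (constructed)
server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
server=/adguard-dns.com/94.140.14.14'

# audit_dnsmasq: read a dnsmasq config on stdin, print one line per upstream:
#   DEFAULT <upstream>          used for every name without a specific rule
#   DOMAIN <domain> <upstream>  used for <domain> and its subdomains only
audit_dnsmasq() {
    awk '
    /^[ \t]*server=/ {
        line = $0
        sub(/^[ \t]*server=/, "", line)
        sub(/[ \t]+#.*$/, "", line)      # trailing comment, not the #port suffix
        if (line !~ /^\//) { print "DEFAULT", line; next }
        n = split(line, part, "/")       # "", domain..., upstream
        for (i = 2; i < n; i++) print "DOMAIN", part[i], part[n]
    }'
}

# bypass_domains: domains whose queries go to a non-loopback upstream, i.e. are
# not handed to the local resolver (assumed to be SmartDNS) for encryption.
bypass_domains() {
    audit_dnsmasq |
        awk '$1 == "DOMAIN" && NF == 3 && $3 !~ /^(127\.|::1)/ { print $2 }' |
        sort -u
}

# default_is_local: succeed only if at least one default upstream exists
# and every default upstream is a loopback address.
default_is_local() {
    audit_dnsmasq | awk '
        $1 == "DEFAULT" { n++; if ($2 !~ /^(127\.|::1)/) bad++ }
        END { exit !(n > 0 && bad == 0) }'
}

printf '%s\n' "$SAMPLE_CONF" | audit_dnsmasq
echo "Sent around the local resolver: $(printf '%s\n' "$SAMPLE_CONF" | bypass_domains | tr '\n' ' ')"
printf '%s\n' "$SAMPLE_CONF" | default_is_local && echo "default upstream is loopback"
```

On a router the same functions can be fed the live file, for example `audit_dnsmasq < /tmp/dnsmasq.conf`.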