so PavelVD to my knowledge and understanding..
you run DNSCrypt via Unbound on the same port...
and it doesn't seems wright...well usually, DoT uses port 853 external and any internal you set for your loop back interface...
well i don't see any need for both of them apart of the options and settings that unbound does provide...
same set of futures and settings even more..you might have with DNScrypt v2,
and no need of unbound to run it...it still does recursive resolving as Stubby does too...if this is your goal...
Than the most interesting thing for me is, which of all above Stubby, DNScrypt, and Unbound drains less resources and provides the best and more stable/fast results...?? (all they do recursive resolving)
so far, im happy with DNSCrypt and Stubby on my units..
No, I ran Unbound on 127.0.0.1#5153, and DNSCrypt on 192.168.1.1#30. And that was for the test.
There is, apparently, a confusion: dnscrypt-proxy is NOT DNSCrypt2. Proxy is still embedded in our firmware. In combination with Unbound, it is good because it allows recursive queries (if I understand everything correctly) and encrypts them, while Unbound caches them.
I found several flaws in the current Unbound and set it aside. Switch to DNSCrypt2 from Entware. In principle, it works well, quickly, does DoH and crypt.
Actually, I would like to return to Unbound in the future. I like that not only my requests are hidden, but also the DNS server that I was accessing. I'm still looking.
It seems that I like the same as you. But I have not tried Stubby yet.
I made several more attempts to switch to Unbound, but returned to DNSCrypt2 again.
When Unbound starts, the cache is still empty and the first requests are processed for a very long time. If you just go on the Internet pages, then such delays can be tolerated. But there are several TV boxes on my network that fail, they need faster responses. Another nuisance: after a long downtime (night, for example), the cache is empty again, and it seems that there is simply no Internet. The "prefetch: yes" parameter in the settings file does not seem to correct this situation.
Please note that the file "named.cache" from the firmware is hopelessly outdated.
Joined: 03 Jan 2010 Posts: 7410 Location: YWG, Canada
Posted: Wed Apr 08, 2020 11:32 Post subject:
to anything, but the default in quotes makes unbound not start.. not even changing it to the /usr/local/etc/ path the custom unbound conf is in. i cant tell if its actually using it, or the ancient default one. i did manually put a up to date named.cache in there anyway.
I can start the unbound in the setup of DD-WRT but for the life of me I can not find any info on how to use the custom setting of unbound from /jffs/unbound as oppose to the default setting, at present I using dnsmasq with great result but wish to play with unbound to see what it can do, any idea people on how to get the custom setting up running.