Struggles w/Stubby

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware
Goto page Previous  1, 2
Author Message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3868
Location: UK, London, just across the river..

PostPosted: Thu Oct 31, 2019 18:09    Post subject: Reply with quote
so you installed Entware for dual-core routers, ARMv7 ?

ca-certificates are must, the other thing that is vital is, NTP time and spacing in yml, but in case if you run deffo yml file, than spacing must not be considered...
I do have Stubby running on Broadcom, Dual-core routers and single core Atheros and its ok...
same settings last thing corrupted USB drive, or bad partition or so....

i also use opt instead of jffs partition..

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Sponsor
SDundee
DD-WRT User


Joined: 22 May 2011
Posts: 55

PostPosted: Thu Oct 31, 2019 20:09    Post subject: ARM bug? Reply with quote
I mounted my JFFS to OPT.
Command: mount -o bind /jffs/opt /opt
So using OPT.

FYI, the router is ARMv7 as shown in the DD-WRT status page:

Router ModelLinksys EA8500
Firmware Version DD-WRT v3.0-r41418 std (10/30/19)
Kernel Version Linux 4.9.198 #486 SMP Wed Oct 30 01:51:25 CET 2019 armv7l

I am thinking this may be the stubby ARM bug as in my last post. Will see if that fixes it.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3868
Location: UK, London, just across the river..

PostPosted: Fri Nov 01, 2019 6:46    Post subject: Re: ARM bug? Reply with quote
SDundee wrote:
I mounted my JFFS to OPT.
Command: mount -o bind /jffs/opt /opt
So using OPT.

FYI, the router is ARMv7 as shown in the DD-WRT status page:

Router Model Linksys EA8500
Firmware Version DD-WRT v3.0-r41418 std (10/30/19)
Kernel Version Linux 4.9.198 #486 SMP Wed Oct 30 01:51:25 CET 2019 armv7l

I am thinking this may be the stubby ARM bug as in my last post. Will see if that fixes it.


well i have/had Stubby on my R7800 and R7000 too all working smooth if i ware you i would ve start from the scratch following that guide and not doing shortcuts and silly explanations
than if its not working, consider reset and rebuild manually, check USB drive for bad sectors and ect. try to deduct any possible reasons...
for example how do you edit yml file as there spacing is vital and if you open it with the wrong editor it will not work even if the stubby starts...
The last thing in my mind is if you imposed any iptables rules that may prevent it from work...

recently jffs was moved to UBIfs and there was a requirement to clear reformat jffs and mount and paste what ever was there or rebuild from the scratch

good luck...

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
SDundee
DD-WRT User


Joined: 22 May 2011
Posts: 55

PostPosted: Sun Nov 03, 2019 15:30    Post subject: ARM bug Reply with quote
Stubby works for a small number of DNS lookups and then does not complete any more DNS lookups even though the process is running, which seems to be the ARM bug. I think the argument in the script is wrong for the log file as I don't get a log file, I will correct that so I can see from the log what is happening. I will also set the log to 7 so I get all entries including debug (-v 7 argument). The log file argument should be -F <file path> BTW.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3868
Location: UK, London, just across the river..

PostPosted: Sun Nov 03, 2019 16:13    Post subject: Reply with quote
add this line to stubby yml

limit_outstanding_queries: 200

as well have a look at stubby example file
there are some good settings as those by
default are very few

hmmm, how do you find that stubby fails?

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
sunny0_0
DD-WRT Novice


Joined: 27 Nov 2019
Posts: 6

PostPosted: Fri Dec 06, 2019 3:35    Post subject: Re: ARM bug Reply with quote
SDundee wrote:
Stubby works for a small number of DNS lookups and then does not complete any more DNS lookups even though the process is running, which seems to be the ARM bug. I think the argument in the script is wrong for the log file as I don't get a log file, I will correct that so I can see from the log what is happening. I will also set the log to 7 so I get all entries including debug (-v 7 argument). The log file argument should be -F <file path> BTW.


I wonder when the patches will reach the entware repo...
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 765

PostPosted: Tue Dec 17, 2019 8:05    Post subject: Reply with quote
Alozaros wrote:
add this line to stubby yml

limit_outstanding_queries: 200

as well have a look at stubby example file
there are some good settings as those by
default are very few

hmmm, how do you find that stubby fails?

Just found this thread. I have problems with stubby too now.
The history:
- Used Stubby successfully for a few month with Cloudflar, then got lot’s of broken links and disabled
- Tried again this weekend with Quad9 but did not get any traffic on port 853
- Reused my old working configuration against Cloudflare but then no internet connectivity??

_________________
AC-68U rev. C1 on Build 44483
AC-68U rev. A1 on Build 44483
AC-68U rev. A1 on Build 44340
sunny0_0
DD-WRT Novice


Joined: 27 Nov 2019
Posts: 6

PostPosted: Tue Dec 17, 2019 8:28    Post subject: Reply with quote
wabe wrote:
Alozaros wrote:
add this line to stubby yml

limit_outstanding_queries: 200

as well have a look at stubby example file
there are some good settings as those by
default are very few

hmmm, how do you find that stubby fails?

Just found this thread. I have problems with stubby too now.
The history:
- Used Stubby successfully for a few month with Cloudflar, then got lot’s of broken links and disabled
- Tried again this weekend with Quad9 but did not get any traffic on port 853
- Reused my old working configuration against Cloudflare but then no internet connectivity??


Also been broken for me for some time. Longer than it has been a problem for you using the same DNS servers, which is strange, but broken in the same way. I've disabled it for now because I have no idea what the problem could be.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3868
Location: UK, London, just across the river..

PostPosted: Tue Dec 17, 2019 9:13    Post subject: Reply with quote
stubby yml is very sensitive to a "spaces" make sure you set it right...
all my stubby's all go trough port 853

resolution_type: GETDNS_RESOLUTION_STUB
round_robin_upstreams: 1
appdata_dir: "/opt/var/lib/stubby"
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
tls_min_version: GETDNS_TLS1_3
tls_ciphersuites: "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
tls_query_padding_blocksize: 128
edns_client_subnet_private: 1
idle_timeout: 8000
listen_addresses:
- 127.0.0.1@5253
dns_transport_list:
- GETDNS_TRANSPORT_TLS
upstream_recursive_servers:
- address_data: 9.9.9.9
tls_auth_name: "dns.quad9.net"
tls_port: 853
- address_data: 1.1.1.1
tls_auth_name: "cloudflare-dns.com"
tls_port: 853

notice copy paste this script in stubby yml will be a mess...

just c/p the values only....!!


just found this stubby config and test it...it works well
i have pretty similar config, just diff port used
and i use no round robins (set to 0)

you can find many of those and upgrade stubby but make sure spacing is correct...

p.s. currently i can see a lots of 1.1.1.1 problems with their services... but this is
temporally i guess....

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 765

PostPosted: Tue Dec 17, 2019 10:36    Post subject: Reply with quote
Alozaros wrote:
stubby yml is very sensitive to a "spaces" make sure you set it right...
.
.

p.s. currently i can see a lots of 1.1.1.1 problems with their services... but this is
temporally i guess....


My stubby.yml is almost identical to the one you posted.
I’ve found that stubby refuse to start if the yml file is wrongly formatted which is good.
Hopefully Cloudflare will sort out their problems soon.
I will check again in a week or two and see how it works out.

_________________
AC-68U rev. C1 on Build 44483
AC-68U rev. A1 on Build 44483
AC-68U rev. A1 on Build 44340
sunny0_0
DD-WRT Novice


Joined: 27 Nov 2019
Posts: 6

PostPosted: Tue Dec 17, 2019 10:56    Post subject: Reply with quote
Alozaros wrote:
stubby yml is very sensitive to a "spaces" make sure you set it right...
all my stubby's all go trough port 853



The yml file worked until a few weeks ago. Nothing in the config had changed. The problem is something else...
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 3868
Location: UK, London, just across the river..

PostPosted: Tue Dec 17, 2019 16:36    Post subject: Reply with quote
sunny0_0 wrote:
Alozaros wrote:
stubby yml is very sensitive to a "spaces" make sure you set it right...
all my stubby's all go trough port 853



The yml file worked until a few weeks ago. Nothing in the config had changed. The problem is something else...


more likely bad flash drive or you updated and have problems with entware...
what is the output of opkg update or opkg upgrade
you might need to reinstall it from a scratch...

yep something else like buggy clouflare too...try other resolvers...

p.s. I just installed Stubby on my R7000 and its working along with VPN flawlessly..

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 44538 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AP Isolation,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 44538 BS AP,NAT,AD Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 44538 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 44538 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum