Multiple upstream DNS servers
Support configuring multiple upstream DNS servers and query at the same time.the query will not be affected, Even if there is a DNS server exception.
Return the fastest IP address
Supports finding the fastest access IP address from the IP address list of the domain name and returning it to the client to avoid DNS pollution and improve network access speed.
Support for multiple query protocols
Support UDP, TCP, TLS, HTTPS queries, and non-53 port queries, effectively avoiding DNS pollution.
Domain IP address specification
Support configuring IP address of specific domain to achieve the effect of advertising filtering, and avoid malicious websites.
Domain name high performance rule filtering
Support domain name suffix matching mode, simplify filtering configuration, filter 200,000 recording and take time <1ms.
Linux/Windows multi-platform support
Support standard Linux system (Raspberry Pi), openwrt system various firmware, ASUS router native firmware. Support Windows 10 WSL (Windows Subsystem for Linux).
Support IPV4, IPV6 dual stack
Support IPV4, IPV6 network, support query A, AAAA record, dual-stack IP selection, and disale IPV6 AAAA record.
HOW IT WORKS:
1.SmartDNS receives DNS query requests from local network devices, such as PCs and mobile phone query requests.
2.SmartDNS sends query requests to multiple upstream DNS servers, using standard UDP queries, non-standard port UDP queries, and TCP queries.
3.The upstream DNS server returns a list of Server IP addresses corresponding to the domain name. SmartDNS detects the fastest Server IP with local network access.
4.Return the fastest accessed Server IP to the local client.
Right now, I don't see any options on specifying your own preferred DNS servers....Not sure how this works with dnsmasq yet. Need another guru to chime in.
Edit by moderator (egc) attached some setup instructions, only visible when you are logged in
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Tue Mar 31, 2020 18:00 Post subject:
As it seems SmartDNS has a full bag of tricks to offer i may move to it, and not use Stubby anymore, as it offers TLS, HTTPS and so on ...
well... Stub resolvers have their own advantage too...but there ware problems with Entware/opkg recently, so SmartDNS seems safer and sound option.. _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Wed Apr 01, 2020 17:31; edited 2 times in total
Joined: 03 Jan 2010 Posts: 7568 Location: YWG, Canada
Posted: Tue Apr 07, 2020 7:21 Post subject:
so this isnt recursive like unbound and is a forwarder like dnsmasq? and unable to place smartdns.conf into /jffs/etc like for unbound, to override default config with what i trying for. so its basically forced with bs's defaults which is impossible for adblocking unless it goes somewhere else.. _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers
I suppose an option would be to switch off in GUI and start manually using a custom configfile in a script? _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Wed Apr 08, 2020 13:57 Post subject:
still WIP, you cannot prove its working..as BS hasn't added the config box yet...
those finds i ve fond its using those DNS from those boxes are not a prove its working...
SMTDNS does not accept any commands yet and those settings provided only, are not useful at all..
the reason you see those DNS in the config doesn't make it work...
I tried editing its shit but no avail its not saving those as they are in TMP folder if you didn't notice..
SO i hope in the near future will be more clear whats going on so far its WIP _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 17 Sep 2009 Posts: 22 Location: Las Vegas, NV, United States
Posted: Wed Apr 08, 2020 16:04 Post subject:
What's needed is a list of URIs that test each transport and method and kind of result. All preferably on a single thing that either loads with a green color or does not load over something with red in the background.
That list should also include for the humans what each test case should ideally smart resolve to.
This page could be anywhere on the net.
Such a list would be a great tool for people not using the SmartDNS as well to know where their stack is inferior; to know how they match up to what could be.
I have SmartDNS OFF... I just checked, I thought it was on because some things that normally would not resolve are working and I was certain I turned it on.
I cant say it is for the most part working, and I need some test cases.
I also have the shortcut engine off currently.
And I am using Non-Redirecting Google DNS servers for ipv4&ipv6... FOR MOST PEOPLE they will be assigned dns servers which lie obsessively and compulsively while being over burdened with being a search engine for hijacking peoples mistakes and censored or middle-manned domains. I use https://www.grc.com/dns/benchmark.htm to test and find non-redirecting servers. Potentially within my own isp, but this time I went with Google DNS just because I don't like what ISP's been doing or that they have buried their old school dns servers.
If there is an assembled test case list then the tester should also note their DNS sources and configuration for both ipv4 and ipv6.
Would also want test to show if differences form lookup methods.
For example i want to know if isp starts hijacking my 53 port lookups when i think they are going to google and when smart dns contrasts them to alternate lookup methods then the rift in results is shown.[/url]
Joined: 21 Jan 2017 Posts: 1783 Location: Illinois Moderator
Posted: Wed Apr 08, 2020 16:20 Post subject:
KellyGAllen wrote:
What's needed is a list of URIs that test each transport and method and kind of result. All preferably on a single thing that either loads with a green color or does not load over something with red in the background.
That list should also include for the humans what each test case should ideally smart resolve to.
This page could be anywhere on the net.
Such a list would be a great tool for people not using the SmartDNS as well to know where their stack is inferior; to know how they match up to what could be.
I have SmartDNS OFF... I just checked, I thought it was on because some things that normally would not resolve are working and I was certain I turned it on.
I cant say it is for the most part working, and I need some test cases.
I also have the shortcut engine off currently.
And I am using Non-Redirecting Google DNS servers for ipv4&ipv6... FOR MOST PEOPLE they will be assigned dns servers which lie obsessively and compulsively while being over burdened with being a search engine for hijacking peoples mistakes and censored or middle-manned domains. I use https://www.grc.com/dns/benchmark.htm to test and find non-redirecting servers. Potentially within my own isp, but this time I went with Google DNS just because I don't like what ISP's been doing or that they have buried their old school dns servers.
If there is an assembled test case list then the tester should also note their DNS sources and configuration for both ipv4 and ipv6.
Would also want test to show if differences form lookup methods.
For example i want to know if isp starts hijacking my 53 port lookups when i think they are going to google and when smart dns contrasts them to alternate lookup methods then the rift in results is shown.
You're not asking for a lot are you?
Smart DNS is a total Work In Progress right now and no one seems to know how it works...
This is what I got back from BS...which is a mystery to me still:
Forgive the ignorant question, but where would we "customize" smart DNS? In the DNSMASQ Customs box?
BrainSlayer wrote:
on routers which include smartdns. there is a own smartdns option just above dnsmasq.
I assume you either use dnsmasq or smartdns, but not both, correct?
BrainSlayer wrote:
both works combined since we still need dnsmasq for dhcp. and you can also combine smartdns with unbound
So a non-answer answer...
I agree that I want to be able to confirm I can specify a list of DNS servers I want to be used and then utilize SmartDNS to use that "whitelist" of DNS servers I specify and be able to confirm that only my whitelist is being used and not some random china dns servers are being pinged...I don't feel confident in smartdns right now...¯\__/¯ _________________ FORUM RULES
Joined: 17 Sep 2009 Posts: 22 Location: Las Vegas, NV, United States
Posted: Wed Apr 08, 2020 16:51 Post subject: Visions
I can see SmartDNS being it's own tab. With A external test/report url which has cases in iframes or just loads images over url cases.
A thing that i was going to make in my custom stack was a comparative dns solution that would show discrepancies and allow for manual selection per domain.
If this ends up in smartdns. Or smartdns just knows the right one... and doesn't get thrown off by wildcard or honeypot dns. Then I don't have to reinvent the wheel for one of my own stack projects and I can just recommend usage of DD-WRT in the underlying components of the stack.
Joined: 21 Jan 2017 Posts: 1783 Location: Illinois Moderator
Posted: Wed Apr 08, 2020 16:55 Post subject: Re: Visions
KellyGAllen wrote:
I can see SmartDNS being it's own tab. With A external test/report url which has cases in iframes or just loads images over url cases.
A thing that i was going to make in my custom stack was a comparative dns solution that would show discrepancies and allow for manual selection per domain.
If this ends up in smartdns. Or smartdns just knows the right one... and doesn't get thrown off by wildcard or honeypot dns. Then I don't have to reinvent the wheel for one of my own stack projects and I can just recommend usage of DD-WRT in the underlying components of the stack.
BS adding a new GUI TAB is not very likely based on past reading of him making gui tweaks... especially since this is router specific and would mean a fork off a main build for gui page for capable and not capable routers, but I could be wrong.
Joined: 17 Sep 2009 Posts: 22 Location: Las Vegas, NV, United States
Posted: Wed Apr 08, 2020 17:09 Post subject:
I can see SmartDNS being it's own tab. IF BS wants to do it... Otherwise if i need such control for my stack i will be on my stack. With A external test/report url which has cases in iframes or just loads images over url cases.
A thing that i was going to make in my custom stack was a comparative dns solution that would show discrepancies and allow for manual selection per domain.
If this ends up in smartdns. Or smartdns just knows the right one... and doesn't get thrown off by wildcard or honeypot dns. Then I don't have to reinvent the wheel for one of my own stack projects and I can just recommend usage of DD-WRT in the underlying components of the stack.
I previously in-visioned a hierarchy in the comparison supporting wildcard in customization specification.
a local white list
a local blacklist list
a local custom choice list
a local overide list [like hosts]
[an ip chains integration for the blacklist supporting wild card ip addresses]
then dns/config acquired servers
then explore acquired servers
which push into the local lists and populate custom override choices.
for example i would be able to choose an outside isp's dns for one domain cached by router dns.
I could block or resolve other one to localhost error for *bilsyndication* and their many tld and sub domains. Effectively terminating all ad's and which i assume to be a potentially 3rd site targeted payload of ad's which may have z-days baked in. I could also ideals say block a class d on this domain as an extreme or just it's ip cautiously. perhaps look up its RIPE data and make ip blocking suggestions by registered owner and leased ips.
A rather strong kill switch example for dns and ads and an other wise very long block list of 'rules'.
that would be next level shaming NextGen with their community/cloud network threat awareness.
perhaps the ability to run certain local clients or ip ranges though a specific final resolver: Perhaps I want my kids to always and only go through opendns for parental control without using the kids device for config, which they can factory reset or custom connect.
keep in mind i am thinking about the brad use through gui and not for high or low level hacks; and i am lending a purpose that i felt before I found this resonating desire better dns.
In the end i am also just as good for a simple enable and disable and it is just that smart. But some customization or particular guidence may be in the end less scope than an ultra high functional iq. A tab could give it a process for the human to help decern what is the right resolution or what is a dead end or unwanted.
My stack would have web gui and even low level underpinnings with php-cli minimal just for the string and type magic. I switch to php-cli during kickstart post script in my Distros sourceforce concept build during install and from on even pushing ssh out from the built node to a internet managing server instance to overcome nat or firewall for C&C.
I've made a suggestion in the svn to either add a text box for custom configuration or looking for a customized smartdns.conf in either /jffs or another directory on a mounted file system. Similar to what's available for smb.
I tried smartdns a couple of days ago. It seems that it curently pulls the default dns servers from your ISP plus servers specified in the dnsmasq custom options.
I would like to be able to use smartdns to only use dns-over-tls enabled servers _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Thu Apr 09, 2020 5:30 Post subject:
wabe wrote:
I've made a suggestion in the svn to either add a text box for custom configuration or looking for a customized smartdns.conf in either /jffs or another directory on a mounted file system. Similar to what's available for smb.
I tried smartdns a couple of days ago. It seems that it curently pulls the default dns servers from your ISP plus servers specified in the dnsmasq custom options.
I would like to be able to use smartdns to only use dns-over-tls enabled servers
+1 for box for tls or https and many other settings _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
good luck.. unbound still doesnt even have a simple config box
Yes, but hope BS at least implements a simple solution, like for smb and unbound, were you can place a custom configuration file on a writeable file system. Would be good enough if a config box is out of reach _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339