SMARTDNS Guide

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3, ... 18, 19, 20  Next
Author Message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Apr 09, 2020 10:52    Post subject: Reply with quote
i dearly hope SMTdns will be stable and not screwing tings around, box needed...deff,
otherwise not fun...will wait
apart of that, SmartDNS is present on entware p list, may play around with it...later
still DNSCrypt-proxy v2 has the chicken dinner among the rest (if entware is used)...
unbound / stubby (getDNS) solutions also decent....

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Sponsor
roadrun777
DD-WRT User


Joined: 24 Jan 2007
Posts: 81

PostPosted: Wed Jun 03, 2020 11:19    Post subject: Not the smartest person in the room but... Reply with quote
So I am curious why smart dns or recursive would be better than using the extra dnsmasq options such as;
conf-file=/path/to/domains.txt
addn-hosts=/path/to/hostnames.txt

and then putting something like
address=/admob.biz/0.0.0.0
address=/admob.biz/::

in the domains.txt file...

So how does smartdns differ? Use cases? Examples?
I am not sure I understand the advantage of it, so please let know.
tatsuya46
DD-WRT Guru


Joined: 03 Jan 2010
Posts: 7568
Location: YWG, Canada

PostPosted: Wed Jun 03, 2020 11:53    Post subject: Re: Not the smartest person in the room but... Reply with quote
roadrun777 wrote:
So I am curious why smart dns or recursive would be better than using the extra dnsmasq options such as;
conf-file=/path/to/domains.txt
addn-hosts=/path/to/hostnames.txt

and then putting something like
address=/admob.biz/0.0.0.0
address=/admob.biz/::

in the domains.txt file...

So how does smartdns differ? Use cases? Examples?
I am not sure I understand the advantage of it, so please let know.


dont use that format, its wasteful, if ur going to use dnsmasq for blocking use it like

address=/admob.biz/

a single / at the end covers both ipv4 & ipv6 in one line, and also returns NXDOMAIN which is better than 0.0.0.0 or 127.0.0.1, when null routing to an ip like those some sites or apps will break, when instead using NXDOMAIN method less breaks occur and its smaller in size too.

smartdns is quite useless currently till/if it will ever support custom configs.

unbound is an option too, finally found a way this morning with unbound thats monstrously faster than dnsmasq, probably identical to what smartdns's speed would be, i have 1.16m lines.

_________________
LATEST FIRMWARE(S)

BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers

[x86_64] Haswell i3-4150/QCA9984/QCA9882 ------> r55488 std
[QUALCOMM] DIR-862L --------------------------------> r55460 std
▲ ACTIVE / INACTIVE ▼
[QUALCOMM] WNDR4300 v1 --------------------------> r50485 std
[BROADCOM] DIR-860L A1 ----------------------------> r50485 std


Sigh.. why do i exist anyway.. | I love you Anthony.. never forget that.. my other 99% that ill never see again..

wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Mon Jul 13, 2020 12:17    Post subject: Reply with quote
Noticed that there are a number of new radio buttons available if you enable smartdns.
‘Dual stack ip selection’ (Default disabled)
Prefetch domain’ (Enabled)
‘Serve expired’ (Enabled)

Anyone knows what these options mean?

_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Wildlion
DD-WRT Guru


Joined: 24 May 2016
Posts: 1407

PostPosted: Mon Jul 13, 2020 22:33    Post subject: Reply with quote
wabe wrote:
Noticed that there are a number of new radio buttons available if you enable smartdns.
‘Dual stack ip selection’ (Default disabled)
Prefetch domain’ (Enabled)
‘Serve expired’ (Enabled)

Anyone knows what these options mean?


listed in the wiki:
https://wiki.dd-wrt.com/wiki/index.php/SmartDNS
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Thu Jul 16, 2020 9:02    Post subject: Reply with quote
egc has posted a patch in svn to read smartdns.conf from /jffs/etc, let's hope BS adds it. In commit 43818 tls support is added to smartdns for routers with enough memory but unless the patch to read a custom configuration file is implemented this is not of much use.
_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Mon Jul 27, 2020 9:50    Post subject: Reply with quote
Seems that BS has relented and added the function to read a custom configuration from /jffs/etc as of patch 43979. There will also be an option to exclude the default dns servers from the ISP without having to use a custom config file.
_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Wed Aug 05, 2020 15:16    Post subject: Reply with quote
Have tried smartdns with a custom config file located in /jffs/etc without any glitches on build 44048.
Configured a number of DoT servers and have gotten rid of Stubby which did not work consistently for me.

_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Aug 06, 2020 20:26    Post subject: Reply with quote
wabe wrote:
Have tried smartdns with a custom config file located in /jffs/etc without any glitches on build 44048.
Configured a number of DoT servers and have gotten rid of Stubby which did not work consistently for me.


please elaborate "Configured a number of DoT servers"
and where did you put the settings on jffs... ?

Give more details about the set up...

Stubby is working great never had issue...but it depends...from servers/port used...

next question if embedded smartDNS is used is it on loop back interface too and port 53 is unreplied like stubby...(stub resolver)

last time i played with smartdns editing the config was no fun not working at all that's, why tatsuya46 , and I push BS to put some config box in the GUI to make it more versatile...but config in jffs will do..(hope not broken jffs like it tens to happen very often)...

Sadly don't trust its owner SmartDNS vs Stubby big difference in recognition/acknowledgment... at least for me Smile otherwise SmartDNS seems with more extras and options and not that resource taking like unbound..and still versatile like Stubby...
to be honest Stubby works great in a big time business i implemented it, where internet is very active..schools, stations, hospital, hotel, coffees..
and its simple to use too... well had a look at SmartDNS too.. will be nice to see it working as it should and compare the results... now my hands are itchy...cant wait till tomorrow Smile

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Thu Aug 06, 2020 21:32    Post subject: Reply with quote
Alozaros wrote:


please elaborate "Configured a number of DoT servers"
and where did you put the settings on jffs... ?

Give more details about the set up...



Quite simple to setup.

I did the following:

- Enabled smartdns in the GUI which gives you a standard config file (smartdns.conf) in /tmp
- copied this file to /jffs/etc and removed all "server" lines and replaced with "server-tls" lines such as "server-tls 9.9.9.9:853 -host-name: dns.quad9.net"
- restarted dnsmasq

Smartdns listen to 127.0.0.1:6053 and added to dnsmasq.conf when smartdns is enabled

_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Fri Aug 07, 2020 10:14    Post subject: Reply with quote
'ret = SSL_connect(server_info->ssl); - remove
ret = SSL_do_handshake(server_info->ssl); - set

seems like a reasonable change waiting for the nxt build...

sad bits...
BS - i removed tls etc. just to keep size small. smartdns cannot be included in small routers if tls is available since it depends on openssl etc. smartdns uses your router upstream dns config. and all other settings can be configured at services. so dont say you cannot configure it. you can. if you want to configure the servers. just change your dns settings at the setup page...

i hope 8MB flash size routers are not called 'small' and will have tls or https support, otherwise, i have to run it via entware...

so, far i found it sketchy to set up it via jffs anyway...currently trying on my spare R7800

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Fri Aug 07, 2020 17:19; edited 2 times in total
wabe
DD-WRT Guru


Joined: 17 Jun 2006
Posts: 889

PostPosted: Fri Aug 07, 2020 11:53    Post subject: Reply with quote
Alozaros wrote:
'ret = SSL_connect(server_info->ssl); - remove
ret = SSL_do_handshake(server_info->ssl); - set

seems like a reasonable change waiting for the nxt build...


Yes, BS has implemented some changes but my configuration works with the current build 44048. I posted a ticket re smartdns since I noticed that the log file didn't work.

_________________
Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Fri Aug 07, 2020 16:56    Post subject: Reply with quote
well.... if tls is removed on 8mb routers than what's the point of it.... only for ad-blocking and fartDNS ?

i would trade its adblocking capabilities for tls support, as you can have an adbloker via script.... FFS...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Sun Aug 09, 2020 10:49    Post subject: Reply with quote
sweet, how do you copy smartdns.conf to jffs as jffs is read only ??
things i tried:
-on linux OS tried to 'sudo mount -rw -o remount /dev/sda1 /location/to/mount/partition/'
-than nano /path to file smartdns.conf to create it, but still no success as it says jffs read only...
how the heck as i already did -rw -o remount
df -h shows jffs as well under GUI it says its mounted (router R7800)

also tried:
nvram set jffs_mounted=1
nvram set enable_jffs2=1
nvram set sys_enable_jffs2=1
nvram set clean_jffs2=1
nvram set sys_clean_jffs2=1
nvram commit
reboot

sadly jffs2 is missing on the (present builds)
also tried with jffs on USB it shows on df -h and when i go

cd /jffs
vi smartdns.conf
edit file add values than esc :w
it says no space left.... on my USB

sadly im not a linux geek and dint make it right, that's why i hate jffs...very often its screwed
as well i wanted to try that on 8MB devices where my target is ...
please give us some clues how to edit/copy file in jffs...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Thu Aug 13, 2020 6:33; edited 2 times in total
PavelVD
DD-WRT User


Joined: 26 Jul 2019
Posts: 109

PostPosted: Tue Aug 11, 2020 21:47    Post subject: Reply with quote
Apparently we are talking about an external USB drive (or flash drive) on which one of the sections has a label "/jffs", or is mounted on UUID on the page Services-USB-Mount this Partition to /jffs.
_________________
Linksys WRT1900ACSv2
Automatically adjustable temperature, always within the range of 59-68°С.
Goto page Previous  1, 2, 3, ... 18, 19, 20  Next Display posts from previous:    Page 2 of 20
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum