SMARTDNS Guide

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3 ... 12, 13, 14 ... 18, 19, 20  Next
Author Message
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Mon Jul 11, 2022 17:32    Post subject: Reply with quote
All I did was add some sanity to the label, the rest was all egc.
_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Sponsor
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2900
Location: Germany

PostPosted: Mon Jul 11, 2022 17:41    Post subject: Reply with quote
egc wrote:
"Use" is redundant I vote for "Only"


Yes short and meaningful just "only". Laughing
But is now unfortunately too late Smile
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12814
Location: Netherlands

PostPosted: Mon Jul 11, 2022 18:11    Post subject: Reply with quote
Hahaha
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6388
Location: UK, London, just across the river..

PostPosted: Wed Jul 27, 2022 9:59    Post subject: Reply with quote
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or may be it runs 2 times couse i use https and tls servers...


_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

PostPosted: Wed Jul 27, 2022 10:39    Post subject: Reply with quote
Alozaros wrote:
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or may be it runs 2 times couse i use https and tls servers...



It is running one single process with 2 threads.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6388
Location: UK, London, just across the river..

PostPosted: Wed Jul 27, 2022 18:10    Post subject: Reply with quote
TCB13 wrote:
Alozaros wrote:
is this SmartDNS normal process behaviour...as it runs twice..
Dualstack IP Selection is not selected..if this will make any difference...or may be it runs 2 times couse i use https and tls servers...



It is running one single process with 2 threads.


its quite obvious, isn't it... Rolling Eyes Embarassed Laughing
my question was addressed towards if this is its normal behaviour...x1 process x2 threads, for example i was running Stubby on this unit and it was x1 process/thread...so my question was more inquisitive, than enlightening ... Cool

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14102
Location: Texas, USA

PostPosted: Wed Jul 27, 2022 18:24    Post subject: Reply with quote
Nice save Rolling Eyes The short answer is "yes".
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
kalrez
DD-WRT Novice


Joined: 28 Jan 2022
Posts: 39

PostPosted: Sun Sep 11, 2022 14:41    Post subject: Reply with quote
@msoengineer, Can you check your PDF (SmartDNS 3) for the additional options in Dnsmasq Infrastructure text box.

You have: Server=/adguard-dns.com/9.9.9.9

This did not work for me. Isn't your setting pointing to Quad 9 to resolve ?

(I might not understand why, if this is correct can you explain why as I'm still learning)

What is working for me is: server=/adguard-dns.com/94.140.14.14

My settings that are working (After more hours of tinkering than I want to admit LOL)

SmartDNS Resolver (FINALLY Got it to work with these settings)

# logging is only available on community builds
log-file /tmp/smartdns.log
log-level warn
server-tls 5.2.75.75:853 -host-name: dot.nl.ahadns.net
server-tls 9.9.9.9:853
server-tls 94.140.15.15:853 #adguard
# if you use an URL that must resolve first via unencrypted server, set in DNSMasq Options: server=/dns.adguard-dns.com/9.9.9.9
#server-tls dns.adguard-dns.com


Dnsmasq Infrastructure

# for ntp, time is needed for secure DNS
server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
# To resolve adguard DoT server
server=/adguard-dns.com/94.140.14.14

Testing pass Adguard DNS by going to Adguards "Test" webpage.

Thanks for the PDF file as it's been a help.
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2900
Location: Germany

PostPosted: Sun Sep 11, 2022 15:06    Post subject: Reply with quote
Is everything explained

Quote:
# if you use an URL that must resolve first via unencrypted server, set in DNSMasq Options: server=/dns.adguard-dns.com/9.9.9.9


If you have a URL that needs to be resolved unencrypted then you can add such an entry in the additional settings of dnsmasq.

The entry "server=/dns.adguard-dns.com/9.9.9.9" causes "dns.adguard-dns.com" to be resolved via quad9.
only this one address
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6388
Location: UK, London, just across the river..

PostPosted: Wed Sep 14, 2022 9:33    Post subject: Reply with quote
ho1Aetoo wrote:
Is everything explained

Quote:
# if you use an URL that must resolve first via unencrypted server, set in DNSMasq Options: server=/dns.adguard-dns.com/9.9.9.9


If you have a URL that needs to be resolved unencrypted then you can add such an entry in the additional settings of dnsmasq.

The entry "server=/dns.adguard-dns.com/9.9.9.9" causes "dns.adguard-dns.com" to be resolved via quad9.
only this one address


-i guess if you use the only the servers in SmartDNS option(and you should), it will not use the DNSmasq added servers...(i haven't checked it but it suppose to be like that)...nor any DNS servers from anywhere else...only those in specified in SmartDNS must be used...
-to configure SmartDNS look at my second post and few of the egc posts below https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=323896&postdays=0&postorder=asc&start=135
-you don't need to add any NTP time servers in DNSmasq, as you can add those in IP form in NTP time section...162.159.200.123 is clouflare ntp time server, you can add it, if you want, but you can leave the field blank too..just select your time zone and that's it... DDWRT has its own stack of NTP time servers already added by default... and those work out of the box... (im still using 162.159.200.123 just because i can Smile )

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12814
Location: Netherlands

PostPosted: Wed Sep 14, 2022 10:42    Post subject: Reply with quote
I do use NTP servers in DNSMasq Additional Options e.g.:
server=/pool.ntp.org/9.9.9.9

I will explain why Smile

Yes you can leave the NTP field blank, but it will first try 2.pool.ntp.org and it cannot resolve that after a time out it will try IP addresses and eventually it will resolve if those IP addresses are valid but it can take some time which could result in timing out of other processes.

You can enter an IP address in the NTP field but maybe it is not operational, so I leave the NTP field blank and let the pool.ntp.org resolve to a working IP address.

But that is just how I do it

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Orenzo
DD-WRT Novice


Joined: 07 Oct 2022
Posts: 1

PostPosted: Fri Oct 07, 2022 20:25    Post subject: Reply with quote
. Laughing

Last edited by Orenzo on Thu Dec 22, 2022 17:06; edited 1 time in total
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

PostPosted: Tue Nov 15, 2022 9:17    Post subject: Reply with quote
egc wrote:
I do use NTP servers in DNSMasq Additional Options e.g.:
server=/pool.ntp.org/9.9.9.9

I will explain why Smile

Yes you can leave the NTP field blank, but it will first try 2.pool.ntp.org and it cannot resolve that after a time out it will try IP addresses and eventually it will resolve if those IP addresses are valid but it can take some time which could result in timing out of other processes.

You can enter an IP address in the NTP field but maybe it is not operational, so I leave the NTP field blank and let the pool.ntp.org resolve to a working IP address.

But that is just how I do it


Interesting tip, I've been using the real IP on the NTP field for ages. Smile

Thank you.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12814
Location: Netherlands

PostPosted: Tue Nov 15, 2022 9:34    Post subject: Reply with quote
Well that also works as long as that IP address is operational Smile

For redundancy I nowadays add in the NTP Server IP/name:
pool.ntp.org time.google.com 212.18.3.19 216.239.35.0

In additional DNSMasq options set:
server=/pool.ntp.org/time.google.com/1.0.0.1
server=/pool.ntp.org/time.google.com/9.9.9.9

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

PostPosted: Tue Nov 15, 2022 9:49    Post subject: Reply with quote
Anyways, I've a question about the DNSMasq/SmartDNS integration in DD-WRT. If I enable DNSMasq and SmatDNS it seems to using DNSMasq to serve DNS queries on the LAN and configuring it to proxy the DNS queries to SmartDNS:

Code:
cat /tmp/dnsmasq.conf
(...)
server=127.0.0.1#6053


Then SmartDNS run the query, returns the records to DNSMasq that in turn returns it to the device making the request.

Now what if I disable the DNS part of DNSMasq and allow devices to query SmartDNS directly? Does it break anything in DD-WRT?

I tried it and seems to work:



Code:
#  netstat -lunp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 127.0.0.1:34954         0.0.0.0:*                           3809/nas
udp        0      0 0.0.0.0:41390           0.0.0.0:*                           -
udp        0      0 0.0.0.0:53826           0.0.0.0:*                           -
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1801/dnsmasq
udp        0      0 :::6053                 :::*                                2030/smartdns
udp        0      0 :::41390                :::*                                -
udp        0      0 :::546                  :::*                                1763/dhcp6c
udp        0      0 :::53                   :::*                                2030/smartdns
udp        0      0 :::53826                :::*                                -


It seems to be working faster than before. Is there anything that might break?

https://man.archlinux.org/man/dnsmasq.8#p,

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Goto page Previous  1, 2, 3 ... 12, 13, 14 ... 18, 19, 20  Next Display posts from previous:    Page 13 of 20
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum