SMARTDNS Guide

TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Wed Nov 24, 2021 11:28
You're welcome, as usual on point commentary.

egc wrote:
Thanks for this write up, much appreciated.

One question (for all), and three random thoughts :)

This thread is in the Atheros forum; as it is not Atheros specific, maybe I should move it to the Advanced Networking forum?


Totally agree.

egc wrote:
(...) upgrading when using JFFS2 might brick some routers (...)
I myself use a USB stick with jffs but that is just me :)
You can run scripts at startup from jffs by either using the Save USB option (never tested it though)
or using a script from startup which calls the scripts on jffs, which starts with
Code:
is-mounted.sh /jffs

this will delay the executing of the script until your USB stick with jffs is mounted :)


I've used a USB stick since the days of my old Asus RT-N16 and carried the habit to my main R7000, however I started playing around with JFFS recently again because of the ~90M of storage I get. It's cleaner than a USB stick. :) I wasn't aware of those upgrade issues tho.

Now question for you: what's the execution order of the "Automatic Drive Mount", built in services, "Save Startup" and "Save USB"?

Yesterday I was trying to do a specific mount on "Save USB" and it only worked if "Automatic Drive Mount" was enabled causing duplicate mounts... Either way before my "Save USB" mount was available the router would:

1) Run my "Save Startup" commands (fixable with your script) causing issues with Entware packages that required that mount
2) Start built in services such as MiniDLNA... had to add a killall to startup to fix.

egc wrote:

Third instead of blocking port 53 you can consider using "Forced DNS Redirection" (Setup page) setting from the GUI which will intercept all DNS queries and redirect it to the router.


Updated post above, if you trust that feature so do I.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Wed Nov 24, 2021 13:04
Side note,

My last post brings back the conversation about custom mount points in the "Automatic Drive Mount" section.

From my understanding, the router won't start the built in services (smartdns, minidlna, samba, etc) until the "Mount this Partition to /jffs" and "Mount this Partition to /opt" mount points are available.

Considering this, instead of just having an option to mount a GUID to /jffs and another to /opt we could have a dynamic option to add custom mountpoints and avoid issues like those altogether.

- Mount [input field for GUID] to [input field for path]

Thank you.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12839
Location: Netherlands

Posted: Wed Nov 24, 2021 13:31
I can not comment on the Save USB option as I do not use it, but indeed the startup sequence can be messy: there are a lot of services relying on each other, and to avoid catch 22 there is a lot of starting and restarting :(

Starting from Save as Startup and waiting for jffs to come online seems to avoid a lot of the troubles.
But you are right, JFFS2 comes online earlier so that you do not have to wait :)

About the mount points etc, I have to look into that someday.
Actually all services are checking /jffs/etc for conf files before using the built-in conf files but I have to check how or when.

At the moment I am working on WireGuard and OpenVPN. We rely on strict-order to avoid DNS leaks, but strict-order is broken, and although the bug will be solved in the next build, strict-order is too unreliable; it gives up very quickly, also in earlier builds :(

Well, gives me the opportunity to also add split DNS and more goodies :)

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Wed Nov 24, 2021 14:03
egc wrote:
I can not comment on the Save USB option as I do not use it, but indeed the startup sequence can be messy: there are a lot of services relying on each other, and to avoid catch 22 there is a lot of starting and restarting :(

Starting from Save as Startup and waiting for jffs to come online seems to avoid a lot of the troubles.
But you are right, JFFS2 comes online earlier so that you do not have to wait :)

About the mount points etc, I have to look into that someday.
Actually all services are checking /jffs/etc for conf files before using the built-in conf files but I have to check how or when.

At the moment I am working on WireGuard and OpenVPN. We rely on strict-order to avoid DNS leaks, but strict-order is broken, and although the bug will be solved in the next build, strict-order is too unreliable; it gives up very quickly, also in earlier builds :(

Well, gives me the opportunity to also add split DNS and more goodies :)


Thank you for the clarifications and all the great work!

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Mon Jan 24, 2022 20:06
TCB13 wrote:
@hifiboy,

Recently I made a fresh install of 11-18-2021-r47656 with SmartDNS in a different way than I documented before. I think this is generally better and cleaner.

It boils down to: 1) enable JFFS (read about it here https://wiki.dd-wrt.com/wiki/index.php/Journalling_Flash_File_System), 2) store the SmartDNS config in a file under JFFS and 3) make the required adjustments. Before proceeding I urge you to make a backup of your router settings.

1. Enable JFFS
1.1. Administration > JFFS2 Support section.
1.2. Click Enable JFFS.
1.3. Click Save.
1.4. Wait a couple of seconds, then click Apply.
1.5. Wait again. Go back to the Enable JFFS section, and enable Clean JFFS. Do not click "Save". Click Apply instead.
1.6. Wait till you get the web-GUI back, then disable "Clean JFFS" again. Click "Save".
1.7. Reboot router

At this point you should see something like this:



Note: if your total/free aren't similar at this point it means the router didn't have time to clean the JFFS. Repeat the process and wait a little longer between each step.

If you SSH into your router (https://www.mysysadmintips.com/other/web/388-ssh-into-dd-wrt-router-remotely) you should have a new mount point and a bunch of folders at /jffs:

Code:
ssh root@192.168.1.1

root@router:~# df -h
Filesystem                Size      Used Available Use% Mounted on
/dev/root                22.8M     22.8M         0 100% /
none                    512.0K         0    512.0K   0% /dev
/dev/mtdblock/5          93.8M      2.3M     91.5M   2% /jffs

root@router:~# ls -la /jffs
total 0
drwxr-xr-x    6 root     root             0 Jan  1  1970 .
drwxr-xr-x   15 root     root           231 Nov 17 19:22 ..
drwxr-xr-x    3 root     root             0 Jan  1  1970 etc
drwxr-xr-x    3 root     root             0 Nov 20 15:35 tmp
drwx------    3 root     root             0 Jan  1  1970 var


2. Now create the file at /jffs/etc/smartdns.conf that will store your SmartDNS config using WinSCP or SSH. Create /jffs/etc/ if it doesn't exist.

Currently those are the contents of my /jffs/etc/smartdns.conf:

Code:
server-name router-name
bind [::]:6053
serve-expired yes
log-size 2K
log-num 1
log-level fatal
log-file /tmp/smartdns.log

server-tls 95.216.24.230:853 -host-name: fi.dot.dns.snopyta.org
server-tls 78.46.244.143:853 -host-name: dot-de.blahdns.com
server-tls 95.216.212.177:853 -host-name: dot-fi.blahdns.com
server-tls 116.202.176.26:853 -host-name: dot.libredns.gr


Note: In a friend's router without IPv6 it seems like "bind [::]:6053" crashes SmartDNS. If you experience this behavior replace it with "bind :6053".

3. With that file in place, go into Services > Services and change the settings of SmartDNS Resolver and Dnsmasq as follows:



Additional Dnsmasq Options:
Code:
local=/xxxxx/
expand-hosts
domain-needed
stop-dns-rebind
rebind-localhost-ok


Note: at "local=/xxxx/" you should replace xxxx with your router domain or remove the line entirely if you don't use it / know what it is.

3.1. Restart everything and you should have SmartDNS up and running. In order to check this, SSH into the router again and run:

Code:
root@router:~# top -bn1 | grep -m1 smartdns
15548     1 root     S     5180  2.0   1  0.0 smartdns -c /jffs/etc/smartdns.conf


If you get similar output, it means that SmartDNS is running and using your jffs config file.

Now, on your computer, you should be able to load websites and/or resolve DNS requests using your router. On your machine run the command:

Code:
> nslookup.exe google.com
Server:  router-name
Address:  192.168.1.1

Non-authoritative answer:
Name:    google.com
Addresses:  2a00:1450:4001:831::200e
          142.250.184.238


As you can see your computer is getting the IP of "google.com" by using your router that will internally resolve the request using SmartDNS.

Optional (maybe for another day): If you want to force all computers in your network to use your router for DNS:

egc wrote:

(...) consider using "Forced DNS Redirection" (Setup page) setting from the GUI which will intercept all DNS queries and redirect it to the router.


Congratulations you've made it!


Hello, thank you so much for writing this down in such detail.
On a Netgear 7800 (r48141) I did exactly the same (copy paste), with the same DNS config file on a mounted USB stick, with IPv4 only as suggested above.
I used the startup command is-mounted.sh /jffs
However, no DNS resolution.
If it is working with a USB mount, can anyone please write a similar helpful step by step process to the above that can simply be copied/pasted and adapted?
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Mon Jan 24, 2022 20:35
hifiboy wrote:

On a Netgear 7800 (r48141) I did exactly the same (copy paste), with the same DNS config file on a mounted USB stick, with IPv4 only as suggested above.
I used the startup command is-mounted.sh /jffs
However, no DNS resolution.
If it is working with a USB mount, can anyone please write a similar helpful step by step process to the above that can simply be copied/pasted and adapted?


I used to run this with USB mounted to jffs and it worked just fine. Can you provide further details? E.g. is the smartdns daemon running? What happens if you run dig google.com @router-ip on your computer?

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Mon Jan 24, 2022 23:00
below is the screenshot from dig

also another screenshots
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Mon Jan 24, 2022 23:03
usb
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Mon Jan 24, 2022 23:49
hifiboy wrote:
below is the screenshot from dig

also another screenshots


Your smartdns seems to be reading its config from /tmp/smartdns.conf. It should be running from /jffs/etc/smartdns.conf.

Are you sure the file /jffs/etc/smartdns.conf exists?

Btw, I think is-mounted.sh isn't necessary since you're using the built in auto mount.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Tue Jan 25, 2022 13:10
The config file appears to be there. When I open it for editing it also shows the content inside. Not sure how I should investigate it further.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6411
Location: UK, London, just across the river..

Posted: Tue Jan 25, 2022 16:41
hifiboy wrote:
The config file appears to be there. When I open it for editing it also shows the content inside. Not sure how I should investigate it further.


yep one of the reasons i prefer not to use SmartDNS is, because it is using a 'jffs', to be honest i've tried to run it via entware /opt instead...
Otherwise according to what SmartDNS is capable of, it is decent...if you follow the guide it will work...but on update you have to turn off/unmount jffs and re-enable it after...it's very annoying for me...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Sun May 01, 2022 21:51; edited 1 time in total
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Tue Jan 25, 2022 17:02
hifiboy wrote:
The config file appears to be there. When I open it for editing it also shows the content inside. Not sure how I should investigate it further.


If the file is placed at /jffs/etc/smartdns.conf and you remove your startup is-mounted command it should work. At least it worked for me that way in the past.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
TCB13
DD-WRT User


Joined: 06 Jun 2010
Posts: 260
Location: Portugal

Posted: Tue Jan 25, 2022 17:03
Alozaros wrote:
hifiboy wrote:
The config file appears to be there. When I open it for editing it also shows the content inside. Not sure how I should investigate it further.


yep one of the reasons i prefer not to use SmartDNS is, because it is using a 'jffs', to be honest i've never tried to run it via entware /opt instead...
Otherwise according to what SmartDNS is capable of, it is decent...if you follow the guide it will work...but on update you have to turn off/unmount jffs and re-enable it after...it's very annoying for me...


The built-in SmartDNS will check if there's a file at /jffs/etc/smartdns.conf and use it. If the file can't be found it will use whatever is at /tmp/smartdns.conf.

_________________
1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
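
Added example (not part of any post in this thread, and not DD-WRT code): a small POSIX sh check that reads the `-c` path from the running smartdns process, as in the `top -bn1` output quoted earlier, and reports whether the daemon is on /jffs/etc/smartdns.conf or has fallen back to /tmp/smartdns.conf, and why. The script name, the result labels and the sample process line are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The daemon falls back to
# /tmp/smartdns.conf when this file is not found (per the post above).
EXPECTED_CONF="/jffs/etc/smartdns.conf"

# Constructed sample of a `top -bn1` process line, for offline testing.
SAMPLE_PS=' 2011     1 root     S     5180  2.0   1  0.0 smartdns -c /tmp/smartdns.conf'

# Read process lines on stdin; print the path that follows "-c" for smartdns.
smartdns_conf_from_ps() {
    awk '/smartdns/ && !/awk|grep/ {
        for (i = 1; i < NF; i++) if ($i == "-c") { print $(i + 1); exit }
    }'
}

# Succeed if mount point $1 appears in mounts table $2 (default /proc/mounts).
is_mounted_in() {
    awk -v mp="$1" '$2 == mp { found = 1 } END { exit !found }' "${2:-/proc/mounts}"
}

# $1 = active config path, $2 = mounts table, $3 = root prefix (testing only).
diagnose() {
    active="$1"; mounts="${2:-/proc/mounts}"; root="${3:-}"
    if [ -z "$active" ]; then echo "not-running"; return; fi
    if [ "$active" = "$EXPECTED_CONF" ]; then echo "ok-jffs"; return; fi
    if ! is_mounted_in /jffs "$mounts"; then
        echo "fallback-jffs-not-mounted"; return
    fi
    if [ ! -s "$root$EXPECTED_CONF" ]; then
        echo "fallback-conf-missing"; return
    fi
    # /jffs is mounted and the file is non-empty now, yet the daemon is not
    # using it. Assumption: it was started before the mount was ready.
    echo "fallback-conf-present"
}

# Live use on the router: sh check-smartdns.sh --live
if [ "${1:-}" = "--live" ]; then
    diagnose "$(top -bn1 | smartdns_conf_from_ps)"
fi
```

A `fallback-conf-present` result matches the situation reported in this thread: the file is readable, but the running process was launched with the /tmp path.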
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Tue Jan 25, 2022 18:26
I removed the startup is-mounted command and turned the USB mount off and on two times.
It is still showing the config file in temp

When I do:
root@DD-WRT:~# vi /jffs/etc/smartdns.conf

It opens and shows the content of the file confirming it does exist
hifiboy
DD-WRT Novice


Joined: 18 Nov 2021
Posts: 45

Posted: Tue Jan 25, 2022 18:27
also posting the usb details again to check if everything looks okay