I think there are a few misunderstandings. Explain to us what happens when you un-tick "use DNSMasq for DNS", as advised in the guide. Does it not disable advertising router's IP for DNS to the LAN? Please explain fully, concisely, and show us without a shadow of a doubt what it does, please. K,thanks. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
if I use the "use DNSMasq for DNS" option I have many problems, including not entering the AGH GUI, and on many devices, it gives me a network configuration error (dhcp) so I had to deselect it, and everything started working again...
so since I'm not an expert I ask you if you have time, to try to do a test using AGH with DNSmasq and the related configurations.
following this guide everything works apart from the error of option 6, which I then removed from the configurations, everything else is ok.
If you untick "use dnsmasq for DNS" per the guide, it will not advertise the router's LAN IP as DNS resolver, hence reasoning for adding no-resolv and dhcp option to additional configs to point to AGH. Leaving it ticked will enable dnsmasq proxy as resolver and circumvent AGH. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Wed Feb 28, 2024 7:54 Post subject:
You can still use AGH and DNSmasq...just use the correct setup...
As it was noted many times..(and one reason for me to abandon the thread)
-there must be some tolerance from AGH side in relation of DHCP and DNS..
-using https for AGH GUI is a must...(i know its an optional, but its a must)
-there is this note of a doubt, as when AGH takes over the router services ...we don't know, what
could be the communication behind...and the robustness of the service...(in terms of DDoS and other attacks) as, more new foreign services are introduced to DDWRT more attack vectors...
I don't see any reason to disable DNSmasq...
-you can stop its cache (so, no caching, no cache poisoning)
-you can disable its other futures like query in strict order, DNSSEC and other options, you can even disable DHCP and rely on upstream DHCP server/forwarder and ect...
-DNSmasq and its DNS encrypted solutions that i used / tested.. all work ok with DNSmasq as a forwarder...and even caching works...!!
The only advantage i see of AGH is QUIC and that is all..to me it doesn't ring the bell..and i don't need a API/GUI for it...if you really need a sophisticated DNS resolving with beautiful graph's and GUI, than Pi hole for DNS is the way...good read and links in the forum thanks to ho1Aetoo...but than again more external stuff around, more fiddling...so, simplicity ...sometimes wins... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Amplifying information regarding contents of resolv.conf, resolv.dnsmasq, and dnsmasq.conf, etc. and configuration screenshots would help us determine the cause of the message. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
after changing it to
dhcp-option=br0,6,192.168.1.1
few problems were solved:
1) no more errors in the messages file.
2) it uses only the Upstream DNS servers configured and not my provider dns in parallel _________________ Netgear R9000 main router
RAX80 as AP