Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:services:dns:doh_dnsmasq_https-dns-proxy [2020/10/09 10:55] – update links vgaeteradocs:guide-user:services:dns:doh_dnsmasq_https-dns-proxy [2022/09/15 18:01] – [DoH provider] add Issues section account4538
Line 1: Line 1:
-====== DNS over HTTPS with Dnsmasq and https-dns-proxy ======+====== DoH with Dnsmasq and https-dns-proxy ======
 {{section>meta:infobox:howto_links#cli_skills&noheader&nofooter&noeditbutton}} {{section>meta:infobox:howto_links#cli_skills&noheader&nofooter&noeditbutton}}
  
Line 10: Line 10:
 {{section>docs:guide-user:services:dns:dnscrypt_dnsmasq_dnscrypt-proxy#goals&noheader&nofooter&noeditbutton}} {{section>docs:guide-user:services:dns:dnscrypt_dnsmasq_dnscrypt-proxy#goals&noheader&nofooter&noeditbutton}}
  
-===== Instructions ===== +===== Command-line instructions ===== 
-Install the packages and DNS encryption should be configured automatically.+Install the required packages
 +DNS encryption should be enabled automatically.
  
 <code bash> <code bash>
 # Install packages # Install packages
 opkg update opkg update
-opkg install dnsmasq https-dns-proxy+opkg install https-dns-proxy
 </code> </code>
  
Line 38: Line 39:
 # Runtime configuration # Runtime configuration
 pgrep -f -a dnsmasq; pgrep -f -a https-dns pgrep -f -a dnsmasq; pgrep -f -a https-dns
 +head -v -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
  
 # Persistent configuration # Persistent configuration
Line 45: Line 47:
 ===== Extras ===== ===== Extras =====
 ==== Web interface ==== ==== Web interface ====
-Install the necessary packages if you want to manage the settings using web interface.+If you want to manage the settings using web interface
 +Install the necessary packages.
  
 <code bash> <code bash>
Line 51: Line 54:
 opkg update opkg update
 opkg install luci-app-https-dns-proxy opkg install luci-app-https-dns-proxy
 +/etc/init.d/rpcd restart
 </code> </code>
  
-  * Navigate to **[[http://openwrt.lan/|LuCI]] -> Network -> DHCP and DNS** to configure Dnsmasq. +  * Navigate to **LuCI -> Network -> DHCP and DNS** to configure Dnsmasq. 
-  * Navigate to **[[http://openwrt.lan/|LuCI]] -> Services -> HTTPS DNS Proxy** to configure https-dns-proxy.+  * Navigate to **LuCI -> Services -> HTTPS DNS Proxy** to configure https-dns-proxy.
  
 ==== DoH provider ==== ==== DoH provider ====
 https-dns-proxy is configured with Google DNS and Cloudflare DNS by default. https-dns-proxy is configured with Google DNS and Cloudflare DNS by default.
-You can change it Google DNS or any other [[wp>Public_recursive_name_server|DoH provider]]. +You can change it to Google DNS or any other [[wp>Public_recursive_name_server|DoH provider]]. 
-Make sure the provider supports DNSSEC validation if required+Use resolvers supporting DNSSEC validation if necessary
-Specify several servers to improve fault tolerance.+Specify several resolvers to improve fault tolerance.
  
 <code bash> <code bash>
Line 74: Line 78:
 </code> </code>
  
 +===== Issues =====
 +
 +If you are using the configurable NextDNS.io (paid subscription), that currently cannot be configured in LuCI.
 +
 +Put your private DNS-over-HTTPS resolver endpoint (found in "Setup" in your NextDNS configuration page) into ''option resolver_url'' which is in ''/etc/config/https-dns-proxy''.
 +
 +LuCI will now erroneously show the wrong resolver in ''Instances'' because it doesn't recognize your private resolver.
 +
 +If you make any changes for https-dns-proxy in LuCI it will overwrite your private resolver so you will need to manually enter it again.
  • Last modified: 2023/12/07 20:04
  • by frollic