Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:services:dns:dot_dnsmasq_stubby [2021/12/22 05:47] – added alternate testing sites jamesm113docs:guide-user:services:dns:dot_dnsmasq_stubby [2024/04/15 19:55] – [Command-line instructions] Add user guide reference. jbrossard
Line 1: Line 1:
 ====== DoT with Dnsmasq and Stubby ====== ====== DoT with Dnsmasq and Stubby ======
-{{section>meta:infobox:howto_links#cli_skills&noheader&nofooter&noeditbutton}}+{{section>meta:infobox:howto_links#basic_skills&noheader&nofooter&noeditbutton}}
  
 ===== Introduction ===== ===== Introduction =====
Line 20: Line 20:
  
 # Enable DNS encryption # Enable DNS encryption
-/etc/init.d/dnsmasq stop+service dnsmasq stop
 uci set dhcp.@dnsmasq[0].noresolv="1" uci set dhcp.@dnsmasq[0].noresolv="1"
 uci -q delete dhcp.@dnsmasq[0].server uci -q delete dhcp.@dnsmasq[0].server
-uci get stubby.global.listen_address \+uci -q get stubby.global.listen_address \
 | sed -e "s/\s/\n/g;s/@/#/g" \ | sed -e "s/\s/\n/g;s/@/#/g" \
 | while read -r STUBBY_SERV | while read -r STUBBY_SERV
 do uci add_list dhcp.@dnsmasq[0].server="${STUBBY_SERV}" do uci add_list dhcp.@dnsmasq[0].server="${STUBBY_SERV}"
 done done
 +
 +# Disable local use of dnsmasq/stubby. It is not possible for Stubby
 +# to be UP during boot or just right after boot because of the race
 +# condition with SYSNTPd service.
 +# [[:docs:guide-user:base-system:dhcp_configuration#race_conditions_with_sysntpd]]
 +uci set dhcp.@dnsmasq[0].localuse="0"
 +
 uci commit dhcp uci commit dhcp
-/etc/init.d/dnsmasq start+service dnsmasq start
 </code> </code>
  
Line 39: Line 46:
  
 ===== Alternate Testing sites ===== ===== Alternate Testing sites =====
-* https://www.cloudflare.com/ssl/encrypted-sni/ +  * https://www.cloudflare.com/ssl/encrypted-sni/ 
-* https://1.1.1.1/help+  * https://1.1.1.1/help
  
 ===== Troubleshooting ===== ===== Troubleshooting =====
Line 47: Line 54:
 <code bash> <code bash>
 # Restart services # Restart services
-/etc/init.d/log restart; /etc/init.d/dnsmasq restart; /etc/init.d/stubby restart+service log restart; service dnsmasq restart; service stubby restart
  
 # Log and status # Log and status
Line 76: Line 83:
 # Configure DoT provider # Configure DoT provider
 while uci -q delete stubby.@resolver[0]; do :; done while uci -q delete stubby.@resolver[0]; do :; done
-uci set stubby.dns6a="resolver" +uci add stubby resolver 
-uci set stubby.dns6a.address="2001:4860:4860::8888" +uci set stubby.@resolver[-1].address="2001:4860:4860::8888" 
-uci set stubby.dns6a.tls_auth_name="dns.google" +uci set stubby.@resolver[-1].tls_auth_name="dns.google" 
-uci set stubby.dns6b="resolver" +uci add stubby resolver 
-uci set stubby.dns6b.address="2001:4860:4860::8844" +uci set stubby.@resolver[-1].address="2001:4860:4860::8844" 
-uci set stubby.dns6b.tls_auth_name="dns.google" +uci set stubby.@resolver[-1].tls_auth_name="dns.google" 
-uci set stubby.dnsa="resolver" +uci add stubby resolver 
-uci set stubby.dnsa.address="8.8.8.8" +uci set stubby.@resolver[-1].address="8.8.8.8" 
-uci set stubby.dnsa.tls_auth_name="dns.google" +uci set stubby.@resolver[-1].tls_auth_name="dns.google" 
-uci set stubby.dnsb="resolver" +uci add stubby resolver 
-uci set stubby.dnsb.address="8.8.4.4" +uci set stubby.@resolver[-1].address="8.8.4.4" 
-uci set stubby.dnsb.tls_auth_name="dns.google"+uci set stubby.@resolver[-1].tls_auth_name="dns.google"
 uci commit stubby uci commit stubby
-/etc/init.d/stubby restart+service stubby restart
 </code> </code>
  
Line 100: Line 107:
 uci set dhcp.@dnsmasq[0].proxydnssec="1" uci set dhcp.@dnsmasq[0].proxydnssec="1"
 uci commit dhcp uci commit dhcp
-/etc/init.d/dnsmasq restart+service dnsmasq restart
 uci set stubby.global.appdata_dir="/tmp/stubby" uci set stubby.global.appdata_dir="/tmp/stubby"
 uci set stubby.global.dnssec_return_status="1" uci set stubby.global.dnssec_return_status="1"
 uci commit stubby uci commit stubby
-/etc/init.d/stubby restart+service stubby restart
 </code> </code>
  
  • Last modified: 2024/06/13 19:04
  • by dnominated