Implementation on OpenWrt is buggy: You might get SmartDNS to work if you do not use the LuCI app, which seems to overwrite and/or ignore certain values. People have had good luck if they remove the LuCI app front-end for it altogether and just use smartdns by itself.

or if you specify the https: address as an IP, e.g.

https://1.1.1.1:443/dns-query

instead of the correct

https://cloudflare-dns.com/dns-query

These are some alternatives that may produce better results:

Here's an article on the same end-goal, using https-dns-proxy: doh_dnsmasq_https-dns-proxy

And another approach using dnsproxy: dot_dnsmasq_dnsproxy

And another using dnscrypt-proxy2: dnscrypt_dnsmasq_dnscrypt-proxy2

For smartdns, here is probably the clearest forum thread on the issues: https://forum.openwrt.org/t/smartdns-using-cloudflare-upstream-doh-dot-with-smartdns-in-openwrt-how-to/179973/12

“TLS certificates cannot be signed to an IP number, only a DNS name. For secure DNS to validate the server's certificate it is necessary to know the server by name, e.g. one.one.one.one, dns9.quad9.net or dns.google (which is 8.8.8.8).

This raises a catch-22 that a standard unencrypted DNS server dnsmasq must also be available to the system to initially look up the IP of the secure server.”
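
An added example (not from this page or from the smartdns project): a small audit of smartdns upstream lines for the two conditions described above, an encrypted upstream addressed by IP with no name to verify, and one addressed by name with no plain DNS server to resolve it first. The `-tls-host-verify` and `-no-check-certificate` options are smartdns server options that this page does not mention; the sample config is constructed.

```python
import ipaddress
import shlex
from urllib.parse import urlsplit

# Constructed sample; the two DoH URLs are the ones quoted on this page.
SAMPLE_CONF = """\
server-https https://1.1.1.1:443/dns-query
server-https https://cloudflare-dns.com/dns-query
server-tls dns.google -no-check-certificate
"""

ENCRYPTED = ("server-tls", "server-https")

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def upstream_host(kind, target):
    """Host part of a target: a URL for server-https, host[:port] otherwise."""
    url = target if kind == "server-https" else "//" + target
    return urlsplit(url).hostname or ""

def audit(conf):
    """Return (line_number, finding) pairs for encrypted upstreams, in line order."""
    entries = []
    for num, raw in enumerate(conf.splitlines(), 1):
        words = shlex.split(raw, comments=True)
        if len(words) > 1 and words[0] in ENCRYPTED + ("server",):
            host = upstream_host(words[0], words[1])
            entries.append((num, words[0], host, words[2:]))
    # A plain upstream addressed by IP can resolve the secure server's name.
    bootstrap = any(k == "server" and is_ip(h) for _, k, h, _ in entries)
    findings = []
    for num, kind, host, opts in entries:
        if kind not in ENCRYPTED:
            continue
        if "-no-check-certificate" in opts:
            findings.append((num, "certificate validation disabled"))
        if is_ip(host) and "-tls-host-verify" not in opts:
            findings.append((num, "IP target, no name to verify the certificate against"))
        if not is_ip(host) and not bootstrap:
            findings.append((num, "name target, no plain DNS server to resolve it first"))
    return findings
```
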

You may find additional information on smartdns on openwrt at: https://pymumu.github.io/smartdns/en/install/openwrt/

  • Last modified: 2026/03/25 23:58
  • by s2s2