Hello. I just upgraded my ramips router (ipTIME A3004NS-dual, 256mb ram, 64GB USB) to OpenWrt 23.05, so far it’s working well. I’d like some extra privacy (my country is known to do some internet censoring) and filter connections to sites I do not want (advertisements, telemetry) and AdGuard Home paired with Unbound seems perfect for this.

Before upgrading I used to run a DoH setup on OpenWrt with CloudFlare’s DNS, but I now want to remove dependencies to these public ‘private’ DNS servers.

I did try searching a lot, but unfortunately as I’m pretty new to networking and hosting things I’m not quite able to understand what I read. Some guides mention using Unbound but still does setup Google/CloudFlare DNS, is that used as a fallback of some sort?

If someone has already done something similar I’d very much appreciate some guidance on how this should be done… Thanks!

EDIT: I think I got it working… but I’d be glad if someone can please tell me a way to test it. dnsleaktest.com shows “None” for hostname…

I followed [1] to install unbound, then changed unbound’s port to 5353, set AdGuardHome’s port to 53 and set AdGuardHome’s DNS settings (Upstream, Bootstrap, Private reverse) to 127.0.0.1:5353. After a reboot it seems to work properly, except that I can no longer connect to other machines using their hostnames. (Previously I could just ssh the machine darkstar using ssh hexagonwin@darkstar, now I need to ssh hexagonwin@192.168.1.XXX) [1]: https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#replacing_dnsmasq_with_odhcpd_and_unbound

1 point

I use unbound forward DNS over TLS to nextdns, I try to keep it simple.

permalink
report
reply
1 point

Yeah, but I’m wanting to only connect to ‘root DNS’ servers (is that the right term?) instead of servers like NextDNS or Cloudflare. Anyway, my configuration is working now, I should probably document them later…

permalink
report
parent
reply

Selfhosted

!selfhosted@lemmy.world

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Community stats

  • 4.8K

    Monthly active users

  • 3.5K

    Posts

  • 75K

    Comments