I am not sure if this has been explicitly discussed. I have a Beryl AX running V 4.2.2 Release 1. I am running a Surfshark Wireguard client. I seem to be seeing more ads than in the past. I have set the downstream DNS servers to the Surfshark DNS servers. These are the same ones listed in the text of the Wireguard configuration.
Is the use of the VPN negating the use of Adguard home? If I were to use an Adguard Home installation outside of the router, would it be more effective? I am not sure how Adguard Home and the VPN interoperate with each other.
I am not clear what you mean by “I have set the downstream servers to the Surfshark DNS servers”.
AdGuardHome works as a DNS server to resolve or block DNS resolution of ad sites. In order for it to perform this function, the DNS requests have to be directly to the IP address of the AdGuardHome server. Normally, VPN traffic goes through to the VPN server (Surfshark) and do not reach AdGuardHome.
I do not work for and I am not directly associated with GL.iNet
My mistake. I meant upstream servers. On the Adguard Home DNS settings page, you need to specify the DNS servers that Adguard looks at if the web address is not in their filter tables. If you use the standard Google DNS servers, you get a DNS leak on the VPN. If you enter the VPN’s DNS servers there, there is no leak. This means that the router is looking at Adguard Home, but I am not sure if it is looking at the filter tables.
To confirm what AdGuardHome is doing, you can go to a website that you do not normally use and then check the query log to see if the DNS request was processed or blocked.
You can set up encrypted DNS-over-HTTPS DNS servers (e.g. CloudFlare, Quad) on AdGuardHome.