AdGuardHome + Brume MV1000 - no internet

Hello, first of all, I love my Brume! It serves us well. Recently, I’ve been able to obtain my pppoe credentials so instead of double NAT I removed my internet provider’s router and use the Brume now as main gateway / router and DHCP server at home. I have FTTH and the ONT connects to the Brume’s WAN port. Everything is working fine, I hav tagged internet with vlan 100 as this is necessary and also this works correctly.

The next step is now to enable AdGuardHome and I can’t seem to get it to work. When starting AdGuard I lose my internet connection.

Brume settings:

• Firmware: 3.203
• Custom DNS settings: DNS Rebinding Attack Protection ON, rest of the settings are off as per recommendations here (no custom DNS enabled, I will enable this in AdGuardHome settings)
• Wireguard off…

root@GL-MV1000:~# cat /etc/config/network
config globals 'globals'
	option ula_prefix '************267::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'lan0 lan1 usb0'
	option proto 'static'
	option netmask '255.255.255.0'
	option hostname 'GL-MV1000-d03'
	option ipaddr '192.168.8.1'
	option ip6assign '64'
	option ip6hint '0000'
	option ip6ifaceid '::1'

config interface 'wan'
	option hostname 'GL-MV1000-d03'
	option metric '10'
	option username '***@vodafone'
	option password '****'
	option disabled '0'
	option proto 'pppoe'
	option ipv6 'auto'
	option ifname 'wan.100'

config interface 'wan6'
	option proto 'dhcpv6'
	option ifname '@wan'
	option disabled '1'

config interface 'lan0'
	option ifname 'lan0'
	option macaddr '************:dd:04'

config interface 'lan1'
	option ifname 'lan1'
	option macaddr '************dd:04'

root@GL-MV1000:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1

AdGuardHome info:

• Version: 0.104.3-1 >> I tried to update through opkg and the UI but it doesn’t show any other/newer version that is available on the current repo.
• After enabling AdGuardHome I can enter the Settings page successfully at port 3000.
• DHCP server is off but I saw I could select br-lan as DHCP. Also with br-lan as DHCP in AdGuard no success.

Problem: After enabling AdGuard I lose my internet connection on all devices. Turning it off gives me internet again.

Any ideas?

Can you access Internet if AdGuardHome is turned off?
Do you see any activity in the AdGuardHome portal at Port 3000 when you try accessing Internet?
In SSH, can you show outputs from “nslookup google.com” and from “traceroute 8.8.8.8”.

I do not work for and I do not have formal association with GL.iNet

Yes, internet works when without AdGuard is off. No activity found (everything is 0) when AdGuard is on and I check the stats page.

This is the output with AdGuard off:

traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
 1  console.gl-inet.com (192.168.8.1)  11.785 ms  4.508 ms  4.400 ms
 2  * * *
 3  10.183.73.17 (10.183.73.17)  13.703 ms  6.428 ms  6.696 ms
 4  172.29.104.97 (172.29.104.97)  5.910 ms  5.359 ms  6.229 ms
 5  * * *
 6  172.29.1.109 (172.29.1.109)  23.104 ms  16.171 ms  15.256 ms
 7  212.166.147.22 (212.166.147.22)  15.246 ms
    212.166.147.222 (212.166.147.222)  15.931 ms
    212.166.147.46 (212.166.147.46)  16.830 ms
 8  * * *
 9  dns.google (8.8.8.8)  16.564 ms  15.625 ms  16.619 ms

nslookup google.com
Server:		192.168.8.1
Address:	192.168.8.1#53

Non-authoritative answer:
Name:	google.com
Address: 216.58.209.78

With AdGuard ON traceroute works as above but nslookup fails:

nslookup google.com
;; connection timed out; no servers could be reached

The problem is DNS, not Internet access, because traceroute 8.8.8.8 is still working.

In SSH, show the output from the following:

cd /etc/AdGuardHome/
./AdGuardHome --version

I do not work for and I do not have formal association with GL.iNet

AdGuard Home, version 0.104.3, channel release, arch linux arm64

My BrumeMV1000W with the same Firmware/AdGuardHome versions works correctly with AdGuardHome. The only difference appears to be your VLAN 100, which “should” not matter.

The only thing I can think of is to check, with AdGuardHome turned on, that /etc/confg/dhcp has the following lines for DNS forwardings :

option noresolv ‘1’
list server ‘127.0.0.1#3053’

I do not work for and I do not have formal association with GL.iNet

Thanks for all the help so far! This is what the first part looks like of that file:

root@GL-MV1000:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	option resolvfile '/tmp/resolv.conf.auto'
	option noresolv '1'
	list server '127.0.0.1#3053'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option force '1'
	option ra_management '1'
	list dns 'ddd3:70b8:4267:0000:0000:0000:0000:0001'
	option dhcpv6 'disabled'
	option ra 'disabled'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

[....]

The only difference with my file is in the dhcp ‘lan’ section:

config dhcp ‘lan’
option interface ‘lan’
option start ‘100’
option limit ‘51’
option leasetime ‘48h’
option ignore ‘0’
option dhcpv6 ‘disabled’
option ra ‘disabled’

I do not work for and I do not have formal association with GL.iNet

Thank you. I’ve commented out the line with “list dns …” out to try but also that didn’t work. It was there for a reason probably. I already did a full factory reset last week and after that I only applied the pppoe login and the vlan tagging so there are not many custom settings. Not sure what else to try.

Can you post your /etc/AdGuardHome/config.yaml file?

EDIT: You can also check the System Log (logread) for any messsages relating to DNS.

I do not work for and I do not have formal association with GL.iNet

Reported this problem in July last year got snub answer maybe a DNS problem on my side.

This is the config.yml:

root@GL-MV1000:~# cat /etc/AdGuardHome/config.yaml
bind_host: 0.0.0.0
bind_port: 3000
users: []
http_proxy: ""
language: en
rlimit_nofile: 0
debug_pprof: false
web_session_ttl: 720
dns:
  bind_host: 0.0.0.0
  port: 3053
  statistics_interval: 1
  querylog_enabled: true
  querylog_file_enabled: true
  querylog_interval: 7
  querylog_size_memory: 1000
  anonymize_client_ip: false
  protection_enabled: true
  blocking_mode: custom_ip
  blocking_ipv4: 165.22.57.39
  blocking_ipv6: '::'
  blocked_response_ttl: 10
  parental_block_host: family-block.dns.adguard.com
  safebrowsing_block_host: standard-block.dns.adguard.com
  ratelimit: 20
  ratelimit_whitelist: []
  refuse_any: true
  upstream_dns:
  - 9.9.9.9
  - 149.112.112.112
  upstream_dns_file: ""
  bootstrap_dns:
  - 9.9.9.9
  - 149.112.112.112
  all_servers: false
  fastest_addr: false
  allowed_clients: []
  disallowed_clients: []
  blocked_hosts:
  - version.bind
  - id.server
  - hostname.bind
  cache_size: 4194304
  cache_ttl_min: 0
  cache_ttl_max: 0
  bogus_nxdomain: []
  aaaa_disabled: false
  enable_dnssec: false
  edns_client_subnet: false
  max_goroutines: 300
  ipset: []
  filtering_enabled: true
  filters_update_interval: 24
  parental_enabled: true
  safesearch_enabled: false
  safebrowsing_enabled: true
  safebrowsing_cache_size: 1048576
  safesearch_cache_size: 1048576
  parental_cache_size: 1048576
  cache_time: 30
  rewrites: []
  blocked_services: []
tls:
  enabled: false
  server_name: ""
  force_https: false
  port_https: 443
  port_dns_over_tls: 853
  port_dns_over_quic: 784
  allow_unencrypted_doh: false
  strict_sni_check: false
  certificate_chain: ""
  private_key: ""
  certificate_path: ""
  private_key_path: ""
filters:
- enabled: true
  url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
  name: AdGuard Simplified Domain Names filter
  id: 1
- enabled: false
  url: https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt
  name: EasyList China+EasyList
  id: 2
- enabled: false
  url: https://adaway.org/hosts.txt
  name: AdAway
  id: 3
- enabled: false
  url: https://hosts-file.net/ad_servers.txt
  name: hpHosts - Ad and Tracking servers only
  id: 4
- enabled: false
  url: https://www.malwaredomainlist.com/hostslist/hosts.txt
  name: MalwareDomainList.com Hosts List
  id: 5
whitelist_filters: []
user_rules: []
dhcp:
  enabled: false
  interface_name: ""
  dhcpv4:
    gateway_ip: ""
    subnet_mask: ""
    range_start: ""
    range_end: ""
    lease_duration: 0
    icmp_timeout_msec: 1000
    options: []
  dhcpv6:
    range_start: ""
    lease_duration: 0
    ra_slaac_only: false
    ra_allow_slaac: false
clients: []
log_compress: false
log_localtime: false
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_file: ""
verbose: false
schema_version: 7

What was you solution in the end? I bet my only way is a factory reset.

Installed the Adblock package in luci and using that instead.
Still waiting for wpa3 support on brumeW, yawn.

I’m using and external AP (Ruckus R510) so not using any wireless adapter directly on the Brume. This shouldn’t be an issue I assume as with AGH off it’s all working. I read that the luci package is not maintained anymore and therefore not recommended.

I don’t want to get my hands dirty and go this route ad AGH should work out of the box (this moves the dnsmasq dependency to AGH…): [How-To-Updated 2021] Installing AdGuardHome on OpenWrt [Manual and opkg method] - Community Builds, Projects & Packages - OpenWrt Forum

Maybe @alzhao could help here on the best way forward?

Yes AGH should work out of the box and it did for me until I upgraded to 3.203 and then no more. As for luci not being maintained anymore I would suggest that Brume as a product is not too much different. It was one of the very last to get 3.203 and as I said, still waiting on wpa3.

Your config.yaml is the matches mine. It may be worth to do a factory reset one more time. My BrumeW works with the same firmware and AdGuardHome versions.

I do not work for and I do not have formal association with GL.iNet

Ok, all working now after factory reset.

Final config that works:

root@GL-MV1000:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd8a:b9e8:0ccb::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'lan0 lan1 usb0'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option hostname 'GL-MV1000-d03'
	option ipaddr '192.168.8.1'

config interface 'wan'
	option hostname 'GL-MV1000-d03'
	option metric '10'
	option proto 'pppoe'
	option username 'XXX@vodafone'
	option password 'XXXXXXXX'
	option disabled '0'
	option peerdns '1'
	option ifname 'wan.100'

config interface 'wan6'
	option ifname 'wan'
	option proto 'dhcpv6'
	option disabled '1'

config interface 'lan0'
	option ifname 'lan0'
	option macaddr 'XXX:dd:04'

config interface 'lan1'
	option ifname 'lan1'
	option macaddr 'XXXXdd:04'

I was also able to set Cloudflare upstream DNS servers under Settings using the link from the post above:

SCR-20220328-upx-21920×1886 134 KB

I’ll leave it for now like this and might to a custom install like the from from the OpenWrt Forum or upgrade AdGuard another time to a newer version (not through the update button…). For now the main prio is that it works! Also speed is good and getting the full 600mb up/down for now through the Brume from my FTTH. Perfect.

EDIT:
I now notice that after the factory reset and enabling AGH it automatically applied the below DNS setting in the GUI. Prior to the factory reset this DNS setting was not enabled/visible after I turned AGH on… So probably some sort of bug where it couldn’t apply or overwrite the DNS settings whilst I did turn custom DNS setting off before enabling AGH .

image1110×444 54.1 KB

Adguard Home was available before it was used on the MV1000W, but after the firmware version was upgraded to 3.201, there was a problem and the DNS was not normal.
Considering its flaws in filtering web ads and taking up too much memory, I found a better replacement tool.
As for DNS, I upgraded the built-in solutions to the system and can now be used.

More information:Adguardhome怎么用？去广告好像没作用 - AX1800,AXT1800 - forum.gl-inet.cn - Powered by Discuz!