Here I found a the solution to the problem; Source of DNS queries not seen in adguard of alternative dns server like Pi-hole - #8 by wcs2228
I successfully disabled DNS functionality in dnsmasq and enabled AdGuardHome as DNS server.
Stop dnsmasq and AdGuardHome:
/etc/init.d/dnsmasq stop
/etc/init.d/AdGuardHome stop
In /etc/config/dhcp, replace the following lines:
option noresolv ‘1’
list server ‘127.0.0.1#3053’
with:
option localuse ‘0’
option port ‘0’
In /etc/AdGuardHome/config.yaml, replace:
port: 3053
with:
port: 53
Start dnsmasq and AdGuardHome:
/etc/init.d/dnsmasq start
/etc/init.d/AdGuardHome start
Back up the 2 files before starting changes and restore the 2 backup files to reverse changes.
EDIT: Configure DHCP server to give DNS as the router’s IP address via LuCI → Network → Interfaces → LAN → Edit → DHCP Server → Advanced Settings → DHCP-Options. Enter the following and click Save, then click Save & Apply:
6,192.168.8.1
If you have changed the router’s IP address from the default 192.168.8, then enter the new IP address preceded by “6,”
EDIT: Here is the OpenWRT reference:
I do not work for and I do not have formal association with GL.iNet
Thanks. I did something similar with dnsmasq but through Luci and it left DHCP was broken. I should have edited the config files directly.
Newbie question, where can I execute the command? I accessed LUCI but no idea in how to procedure from there.
The editing of files under /etc is to be done by logging into SSH on the router. The remaining steps can be done in LuCI.
Thank you for sharing!
Thank you! Worked. The only issue I am having now (not sure if it is the cause) is my VPN when connected does not respect the rule of VPN Policy Base on the Target Domain or IP
Hi, I just updated the AdGuardHome version in my Gli-Net M3000 router to version 0.1.07.24
I used the GitHub version AdGuardHome_linux_armv7.tar.gz.
It came to my attention that the AdGuardHome version from the router I flashed yesterday is much bigger than the version from GitHub. Do you know why?
AdGuardHome_bu is the version from the beta4 firmware.
Gli-Net M3000 router’s current AdGuardhome version is v0.107.8 AdGuardHome_linux_arm64
Need to check changelog about size/optimization.
I was using the 32bit version instead of 64bit. However, that doesn’t change the size of the file much.
Question here: Why is the original file on the router 12 MB bigger than the newer one in the GitHub repository?
That’s Adguardhome v0.107.24 has size optimzation on older version v0.107.8.
I got this error message when i wanted to install AdguardHome plug-in. I only just had the router just over a year.
Collected errors: * verify_pkg_installable: Only have 5984kb available on filesystem /overlay, pkg AdGuardHome needs 10442 * opkg_install_cmd: Cannot install package AdGuardHome.
my current firmware - 3.216
This error indicates that the storage space is insufficient to install adguardhome.
what can i do to create space, please?
Pls check exroot
I tried to install on Beryl MT-1300 running 4.3.1b1 and after installation, I don’t see adguard in the applications but going to 192.168.8.1:3000 to run the setup, I get a warning about DNS already in use. See attached photo:
It doesn’t make sense to install AdGuard on a Beryl. It’s not powerful enough.
So far htop is showing the router doing just fine with AGH. I finally got it installed and here are the steps I took:
- Install an SD card in the SD card slot. I’m using SanDisk 64Gb extreme (~$10 on Amazon)
- The card will auto mount. You should
umount /dev/mmcblk0
- Format the card
mke2fs -t ext4 /dev/mmcblk0
- In luci, system —> mount points, then add the new disk as an overlay then save and apply the updated config
- Add swap through ssh:
a.dd if=/dev/zero of=/mnt/mmcblk0/myswap.swp bs=1k count=1048576
## I set the swap file to 1G which is a bit more than recommended for this router. Normally we want it to be 2X ram. Good news is swappiness is set to 60 so no adjustments necessary there.
b.mkswap /mnt/mmcblk0/myswap.swp
c.swapon /mnt/mmcblk0/myswap.swp
- Back in luci we need to enable swap to turn on during boot. Go to system —> startup —> local startup. Add this as the first line after the comments
/usr/sbin/swapon /mnt/mmcblk0/myswap.swp
- While we are in luci, let’s go ahead and force dhcp to send the router IP address as the DNS server. To do this, we can go to network —> interfaces —> lan —> edit —> dhcp server —> advanced and under dhcp options add
6,192.168.8.1
. Save your settings - Either through ssh & opkg or from the admin webgui install adguard home package
opkg list |grep -i adguard
thenokpg install
the adguard package - Ssh —>
/etc/init.d/dnsmasq stop
(this will stop all dns and dhcp temporarily) - Adguardhome’s default working directory is /tmp/adguardhome. The advantage is that this is very quick memory. The disadvantages are that once your router reboots, you’ll lose all history. There is also a danger of running out of space and filling /tmp completely. Let’s change that so we don’t have to worry.
a.mkdir /mnt/mmcblk0/etc/adguardhome
b.chmod 755 /mnt/mmcblk0/etc/adguardhome
c.vi /etc/config/adguardhome
or use your favorite editor
d. comment out the working directory line with a#
in front
e. add the following new lineoption workdir /mnt/mmcblk0/etc/adguardhome
f. finally we can restart adguardhome with/mnt/mmcblk0/upper/etc/rc.d/K89adguardhome restart
-
http://192.168.8.1:3000
. For me I changed the default admin port to 14711 which is the same used as part of asus-merlin, amtm, agh install - Set DNS to 53 and complete the install
- At this point you should see adguard home running on port 53. You can check by running
netstat -naulp | grep :53
- Next we’ll move dnsmasq to 553 (easy to remember) by
echo "port=553" >> /etc/dnsmasq.conf
from ssh prompt - We can now restart dnsmasq with ssh —>
/etc/init.d/dnsmasq restart
- Check that dnsmasq is running on the right port with running
netstat -naulp | grep :553
- Adguard config. Go to
http://192.168.8.1:14711
- For upstream servers I have this code:
[/console.gl-inet.com/][::]:553
[/use-application-dns.net/][::]:553
[/dns.resolver.arpa/][::]:553
[/lan/][::]:553
[//][::]:553
# Cloudfare
tls://1.1.1.1:853
tls://1.0.0.1:853
# Google
#tls://8.8.8.8:853
#tls://8.8.4.4:853
# Quad 9
tls://9.9.9.9:853
tls://149.112.112.112:853
# NextDNS
tls://dns.nextdns.io:853
- Save your config after each section
- Set to be parallel request
- For bootstrap I use
9.9.9.9
1.1.1.1
- For Private reverse DNS servers
[::]:553
[/10.in-addr.arpa/][::]:553
[/168.192.in-addr.arpa/][::]:553
- Set to enable DNSSEC
- Flip over to the DNS Blocklists and set to adguard, adaway, and oisd basic
This will get you pretty good protection without overloading the router. You can test by going here. You should get in the high 90’s for blocking ads and trackers. To make sure everything is working, reboot your router, use free
to check that swap is on, netstat -naulp | grep :53
to check AGH is working correctly, and htop
(separate opkg package) to check performance. With AGH and the resolvers above, you should see good performance.
Also, don’t forget on ios devices to disable private wifi address so your clients show up in the query and dashboard logs
edit - I’ve updated the instructions to account for tmpfs limited space and changing the working directory from /tmp/adguardhome
to /mnt/mmcblk0/etc/adguardhome
I wanted to add a follow-on post on how to update to the latest release of AGH, assuming you followed the steps above. For me, by default I had a 6+ month old version of Adguard in opkg and with opkg having update issues on the latest Beryl beta I decided to just update Adguard directly.
- The first thing you will want to do is determine which version you need by ssh into your router. Download
opkg install file
thenfile /usr/bin/AdGuardHome
For Beryl I got an output like this:
/usr/bin/AdGuardHome: ELF 32-bit LSB executable, MIPS, MIPS32 version 1 (SYSV), statically linked, Go BuildID=c0WtXHe74ItLRoOBOXFY/hmNPOIn3NRWjsIgoE2Ht/150uHHOGLVCtPkdknURS/eCewiXB9pIkOW5-aCcNy, stripped
- Next head over to AGH github page for releases and identify your platform. Note that for Beryl, choose the 32-bit MIPS LE. Keep this page handy. We’ll come back to it in a minute
- First we need to create a backup in case something goes haywire. Keep in mind that when you stop AGH, DNS resolution will also stop
a.cp /usr/bin/AdGuardHome /usr/bin/AdGuardHome.old
b.cp /etc/adguardhome.yaml /etc/adguardhome.yaml.backup
- Next create some temp space to download the latest AGH
mkdir /overlay/tmp
- Now it’s time to go back and copy the download link into your clipboard/buffer for the version of AGH you want. Then paste it into your ssh terminal after
wget
This example is for Beryl beta version. Choose your own version appropriately:
a.cd /overlay/tmp
b.wget https://static.adguard.com/adguardhome/beta/AdGuardHome_linux_mipsle_softfloat.tar.gz
- Next we need to extract the new binary
tar -xzvf ./AdGuardHome_linux_mipsle_softfloat.tar.gz
- This will create a new directory
cd AdGuardHome
- Check that the file matches the same arch as your current binary
file ./AdGuardHome
- Now it’s time to do the switcharo. First thing is to shutdown AGH
/mnt/mmcblk0/upper/etc/rc.d/K89adguardhome stop
cp ./AdGuardHome /usr/bin/
- Last thing is to restart AGH
/mnt/mmcblk0/upper/etc/rc.d/S21adguardhome start
-
ps | grep -i adguardhome
— should show AGH running - Go to
http://192.168.8.1:14711/
and enjoy the new release
*note: the above sometimes uses relative paths. Be sure you are in the expected directory before executing any commands with relative paths