Please add Control D dns for DoH and DoT please

Hi as above could you add ControlD DNS service for both DoT and DoH please?
They are better IMHO than NextDNS.

If you need it, you can add it by using AGH as a DNS forwarder.

Hi,
thanks for replying but I asked for this so I could use em directly instead of AGH as this DNS is set to do same as AGH and more and it is cheaper than AGH and so on.

You didn’t understand my response. When you are running AdGuard Home (AGH) you can simply choose any upstream DNS server as you like. So you can use it to get your ControlD DNS.

There is no need for AdGuard DNS within AdGuard Home.

ok so when my Flint 2 comes I will try this :slight_smile:

Here is what I did to configure my gl-inet router to use my paid Adguard DoH DNS server from the SSH command line. It does not use the gl-inet simple admin interface. This was taken from the adguard configuration instructions for openwrt. You would need to substitute your bootstrap DNS servers and your Control D DoH URL if you want to try this. If it messes up, reset.

Install packages

opkg update
opkg install https-dns-proxy

Install if you want to use the luci interface to check or edit configuration

opkg install luci-app-https-dns-proxy
/etc/init.d/rpcd restart

Configure DoH provider - I used the command line but I think you could do the same thing from the luci app, deleting any preconfigured DNS server entries and inserting yours

while uci -q delete https-dns-proxy.@https-dns-proxy[0]; do :; done
uci set https-dns-proxy.dns="https-dns-proxy"
uci set https-dns-proxy.dns.bootstrap_dns="8.8.8.8,1.1.1.1"
uci set https-dns-proxy.dns.resolver_url="https://d.adguard-dns.com/dns-query/xxxxxxxx"
uci set https-dns-proxy.dns.listen_addr="127.0.0.1"
uci set https-dns-proxy.dns.listen_port="5053"
uci commit https-dns-proxy
/etc/init.d/https-dns-proxy restart

Hi thanks but I am more interested in DNS over TLS option still great thanks for whole instructions :smiley:

Regards :slight_smile:

In that case, here are the DoT instructions courtesy AdGuard. I have not tried this, but I trust the instructions based on my experience with the DoH instructions. Again, substituting your DNS server info.

Command-line instructions

Disable Dnsmasq DNS role or remove it completely optionally replacing its DHCP role with odhcpd.

Install packages

opkg update
opkg install unbound-daemon

LAN clients and the local system should use Unbound as a primary resolver assuming that Dnsmasq is disabled.

Web interface

If you want to manage the settings using web interface, install the necessary packages.

Install packages

opkg update
opkg install luci-app-unbound
/etc/init.d/rpcd restart

Navigate to LuCI → Services → Recursive DNS to configure Unbound.

Configure AdGuard DNS-over-TLS

uci add unbound zone
uci set unbound.@zone[-1].enabled="1"
uci set unbound.@zone[-1].fallback="0"
uci set unbound.@zone[-1].zone_type="forward_zone"
uci add_list unbound.@zone[-1].zone_name="."
uci set unbound.@zone[-1].tls_upstream="1"
uci set unbound.@zone[-1].tls_index="tls://xxxxx.d.adguard-dns.com"
uci add_list unbound.@zone[-1].server="8.8.8.8"
uci add_list unbound.@zone[-1].server="1.1.1.1"
uci commit unbound
/etc/init.d/unbound restart
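
A sanity check for the DoH and DoT settings posted above, as an added example that is not part of any post in this thread: it lints `uci show` output for values that would leave DNS unencrypted or broken, including typographic quotes picked up when commands are pasted from a web page. The function names, the `dns.example` host and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint `uci show` output; returns 0 only when nothing is flagged.
flag() { echo "$1"; problems=$((problems + 1)); }

check_dns_uci() {
    problems=0 fwd=0 tls=0
    while IFS= read -r line; do
        key=${line%%=*}
        val=${line#*=}
        val=${val#\'}; val=${val%\'}    # uci show single-quotes option values
        # Bytes outside printable ASCII: typographic quotes pasted from a web
        # page are stored as part of the value and break it silently.
        junk=$(printf '%s' "$val" | LC_ALL=C tr -d '\040-\176')
        [ -z "$junk" ] || flag "non-ASCII bytes in $key"
        case $key in
            https-dns-proxy.*.resolver_url)
                case $val in https://*) ;; *) flag "$key is not an https:// URL" ;; esac ;;
            https-dns-proxy.*.listen_addr)
                case $val in 127.0.0.1|::1) ;; *) flag "$key is not loopback" ;; esac ;;
            unbound.*.zone_type) [ "$val" != forward_zone ] || fwd=1 ;;
            unbound.*.tls_upstream) [ "$val" != 1 ] || tls=1 ;;
        esac
    done
    # A forward zone without TLS sends queries upstream in cleartext.
    if [ "$fwd" -eq 1 ] && [ "$tls" -eq 0 ]; then
        flag "unbound forward zone without tls_upstream=1"
    fi
    [ "$problems" -eq 0 ]
}

# Constructed samples in `uci show` format (not captured from a real router).
sample_bad() { cat <<'EOF'
https-dns-proxy.dns=https-dns-proxy
https-dns-proxy.dns.resolver_url='http://dns.example/dns-query/xxxxxxxx'
https-dns-proxy.dns.listen_addr='“127.0.0.1”'
unbound.@zone[0]=zone
unbound.@zone[0].zone_type='forward_zone'
unbound.@zone[0].tls_upstream='0'
EOF
}
sample_good() { cat <<'EOF'
https-dns-proxy.dns.resolver_url='https://dns.example/dns-query/xxxxxxxx'
https-dns-proxy.dns.listen_addr='127.0.0.1'
unbound.@zone[0].zone_type='forward_zone'
unbound.@zone[0].tls_upstream='1'
EOF
}
sample_bad | check_dns_uci || true    # prints four findings
```

On the router, feed it the live configuration with `{ uci show https-dns-proxy; uci show unbound; } | check_dns_uci` after `uci commit`.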

I’m interested in this resolver too! :slight_smile:

while adguard might be a solution for the time being, i disagree on advocating adguard being the proxy of such resolver just because it could add potential bloat which you may not want.

on the other hand maybe they could better add a DoT/DoH custom field, for the proxy thing from Controld I think that is too much for the current design since it requires their daemon, also the same with NextDns identifiers, since all DoH/DoT go from dnsmasq → stubby (DoT daemon) or dnsproxy → wan.

but other than that I find it not wrong to have support for it but maybe in a different way :wink:

also when Flint 2 comes to me in about 2 work weeks I will check Control D command for auto configuring as they provide one for GL.Inet routers as well some others are on the list so worth trying this way :smiley:

PS: One more thing. Is there any way of getting list of packages (opkg’s) installed by default on Flint 2 ?

While I would second the request to add ControlD to the dropdown list with Cloudflare and NextDNS, I am curious to know why you don't use this guide to install the native CTRLD service directly from their server with your own resolver configured.