Hello -
Was wondering if someone can advice on correct settings to reduce "upstream Response Time" in ADH. Below are my settings
Asus Merlin - RT-AC86U
Setting for router:
LAN > DHCP Server > DNS Server = Pi IP Address (Pi set with static IP)
Advertise router's IP in addition to user-specified DNS = no
LAN > DNS Director = Enabled > Global Redirection = Router > Client MAC Address = Pi IP > Redirection = No Redirection
WAN > Port Forwarding = On > Port 80 (HTTP) > Internal IP = Pi IP address, reason to give access to Certbot letencrypt cert for Pi
WAN > Internet > DNS Setting > DNS Server = Quady
Forward local domain queries to upstream DNS = no
Enable DNS Rebind protection = yes
Enable DNSSEC support = yes
Validate unsigned DNSSEC replies = yes
Prevent client auto DoH = yes
Note - Have Diversion installed via Entware on the router
Pi4 - 4gb RAM on SSD Flash Drive running 86bit bootworm
Installed letsencrypt using certbot
Installed unbound - and below is main part of the config file -
server:
verbosity: 1
interface: 0.0.0.0
port: 5335
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.1 allow
access-control: 192.168.1.0/24 allow
root-hints: "/var/lib/unbound/root.hints"
Installed Adguard Home
Adguard Home settings -
DNS Settings -
Upstream Server: 127.0.0.1:5335
Parallel Request = selected
Fallback DNS - (Have used empty and Quad)
Bootraps DNS = 127.0.0.1:5335
Private reverse DNS = Router IP
Use private reverse = selected
Enable reverse resolving = selected
Enable DNSSEC = deselected
Cache size = 0
Settings > Encryption settings
Enable Encryption (HTTPS, DNS-over-HTTPS, and DNS-over-TLS) = selected
Enable plain DNS = selected
Server Name = My domain name
Certificates = used path of letsencrypt in Pi
With the above settings, is/are things I need to change to make my upstream request time to reduce, currently have the below values -
Quad - 1,355 ms
192.168.1.1 - 530ms
127.0.0.1 - 496ms
However, if I run dig @127.0.0.1 -p5335 google.com from the Pi it records under 0msec
Initial I thought it could be cause of me connecting to Wiregaurd session manager, I changed the DNS there to use my Pi, still same result, even without VPN on.
Will appreciate any input as what to change to improve speed both in ADH and my Home network on even when I use Tailscale outside of my home
thanks
Was wondering if someone can advice on correct settings to reduce "upstream Response Time" in ADH. Below are my settings
Asus Merlin - RT-AC86U
Setting for router:
LAN > DHCP Server > DNS Server = Pi IP Address (Pi set with static IP)
Advertise router's IP in addition to user-specified DNS = no
LAN > DNS Director = Enabled > Global Redirection = Router > Client MAC Address = Pi IP > Redirection = No Redirection
WAN > Port Forwarding = On > Port 80 (HTTP) > Internal IP = Pi IP address, reason to give access to Certbot letencrypt cert for Pi
WAN > Internet > DNS Setting > DNS Server = Quady
Forward local domain queries to upstream DNS = no
Enable DNS Rebind protection = yes
Enable DNSSEC support = yes
Validate unsigned DNSSEC replies = yes
Prevent client auto DoH = yes
Note - Have Diversion installed via Entware on the router
Pi4 - 4gb RAM on SSD Flash Drive running 86bit bootworm
Installed letsencrypt using certbot
Installed unbound - and below is main part of the config file -
server:
verbosity: 1
interface: 0.0.0.0
port: 5335
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.1 allow
access-control: 192.168.1.0/24 allow
root-hints: "/var/lib/unbound/root.hints"
Installed Adguard Home
Adguard Home settings -
DNS Settings -
Upstream Server: 127.0.0.1:5335
Parallel Request = selected
Fallback DNS - (Have used empty and Quad)
Bootraps DNS = 127.0.0.1:5335
Private reverse DNS = Router IP
Use private reverse = selected
Enable reverse resolving = selected
Enable DNSSEC = deselected
Cache size = 0
Settings > Encryption settings
Enable Encryption (HTTPS, DNS-over-HTTPS, and DNS-over-TLS) = selected
Enable plain DNS = selected
Server Name = My domain name
Certificates = used path of letsencrypt in Pi
With the above settings, is/are things I need to change to make my upstream request time to reduce, currently have the below values -
Quad - 1,355 ms
192.168.1.1 - 530ms
127.0.0.1 - 496ms
However, if I run dig @127.0.0.1 -p5335 google.com from the Pi it records under 0msec
Initial I thought it could be cause of me connecting to Wiregaurd session manager, I changed the DNS there to use my Pi, still same result, even without VPN on.
Will appreciate any input as what to change to improve speed both in ADH and my Home network on even when I use Tailscale outside of my home
thanks
