Thanks for the quick reply, sorry about late replying was rushing yesterday, should have waited until today to post to be fair.
No worries, we (at least I) don't have deadlines or a timeline when someone needs to have responded.
1) What is (P)RNG? ( I choose option 1 as wanted dnscrypt obviously)
PRNG is the abbreviation for Pseudo Random Number Generation. It's used to generate random numbers for secure keys etc. More info:
https://www.random.org/randomness/
2) I’m assuming when it asks ‘Please choose 2nd server or press n to skip’ people choose a second one? I suspect incase first one went down or something similar.
Yes, this to select a backup DNS-server. However, OpenDNS have many servers and the likelyhood of all of them going down is basically zero, so I haven't selected a second one and pressed n to skip.
3) When it asks ‘Do you want to setup OpenDNS account ip update’, I have an OpenDNS account I created two days ago, I assume by choosing yes it will keep my dynamic IP address updated with OpenDNS? if i choose no how does it then work?
Correct. If you fill in your OpenDNS credentials your IP will be automatically updated. If you have customized settings in your OpenDNS Dashboard (or Umbrella Dashboard, as it's owned by Cisco now), it needs to know your current IP to apply custom rules. If you choose no, only the default settings for OpenDNS will be used and you will be using OpenDNS as any user without an account.
4) Do you want to redirect all DNS resolutions on your network through encrypt? I choose yes first and no second time installed as wanted to play about to see what settings there were, what does this setting exactly means and do? I thought by choosing no it would only use the the dns server I selected for specified clients, but it seems not.
This is a question I'm currently struggling with myself (see one of my previous unanswered posts) as well as the post I just made in the AB-Solution thread. In my opinion, if you choose yes, all traffic should be routed through DNSCrypt, but I'm not sure either, so hopefully somebody else (like
@kvic or
@bigeyes0x0) can shed some light on that.
5) When it mentioned ‘Available random number generator providers’
- HAVEGED (Preferred if you do not have a HW RNG)
- RNGD (Preferred if you have a HW RNG)
Don’t know what either mean and which one I need to select? (i choose first option)
See answer to question 1. This what (P)RNG refers to. There are hardware solutions for random number generations, that's when you would choose the second option. If not, HAVEGED is the way to go. HAVEGE is an algorithm for generating unpredictable random number sequences. HAVEGE
D is the daemon that uses the algorithm. More info:
http://www.issihosts.com/haveged/
6) What happens if dns server i choose went down, i know there is option to choose second dns server in installation as backup, ie. in WAN > Choose DNS server (currently set to no) would i be rite in thinking i could have a backup dns ie. google dns for example and add dns server IPs under WAN > DNS Server.? I'm a bit confused as in LAN and WAN there is option to enter DNS server stuff and would like to better understand the difference between the two under WAN and LAN
As mentioned before, the OpenDNS IP's aren't pointing to a single server. It always tries to find the one nearest to you and if one goes done, traffic will be rerouted to the second closest. OpenDNS's NOC is operational 24/7. As for the settings: my LAN DNS settings are empty, only the option to have the router announce itself as DNS server is switched on. On my WAN pages I have both OpenDNS servers specified (208.67.222.222 and 208.67.220.220), assuming that if DNSCRYPT dies for some reason, it uses the ones specified on the WAN page. The local DNS server (the router itself) is primarily being used for resolving clients on the local network (i.e. router.lan, laptop.lan etc), which need to be configured on the LAN page as well. I assume solutions like AB-Solution and Pixelserv-TLS use the local DNS-server as well. As you see, I make some assumptions, as I don't have all the knowledge either, but that's how my setup is working currently. However, there are several people around with way more knowledge than I have, which undoubtly will correct me if and where I'm wrong.
Sorry for multiple questions i just like to ensure i understand what i'm doing and for future reference.
Sounds familiar. I hate to follow tutorials or instructions without knowing what I'm actually doing and how it could influence other functionality.
Most welcome and have a great day
Marco