Menu
What's new
By:
Filters Better Search

DNSCrypt is reborn!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Quick update for those interested: @DonnyJohnny and yours truly have been working behind the scenes to get dnscrypt-proxy working at boot and logging to syslog is now working as well. As far as I can tell, everything seems to work as expected now, but it has to be done manually. Getting this in an install script is a different story, I have no experience in creating such a script. We'll see what we can do with the old installer script to automate the install.

So, the good news: it's fully functional and seems stable and secure (no leaks), however, it might take some more time before we can provide an installer script to automate the installation. The latter might not be a bad thing, as it's currently in alpha stage meaning download urls for the pre-compiled binaries change frequently, which would be a hassle writing a script anyway.

To be continued...
 
M@rco said:
Quick update for those interested: @DonnyJohnny and yours truly have been working behind the scenes to get dnscrypt-proxy working at boot and logging to syslog is now working as well. As far as I can tell, everything seems to work as expected now, but it has to be done manually. Getting this in an install script is a different story, I have no experience in creating such a script. We'll see what we can do with the old installer script to automate the install.

So, the good news: it's fully functional and seems stable and secure (no leaks), however, it might take some more time before we can provide an installer script to automate the installation. The latter might not be a bad thing, as it's currently in alpha stage meaning download urls for the pre-compiled binaries change frequently, which would be a hassle writing a script anyway.

To be continued...
Click to expand...
Right on man!!
 
Alpha 6 out with query log. Working but I comment out.
 
Alpha 7 has been released, blocking rules (compatible with dnscrypt-proxy v1) were added. Not tested yet.
 
Super fast release...
 
This dns protocol is sure moving very fast... first dnscrypt, then dns over tls... now dns over https.....
So exciting to see things moving so fast...
I planning to try unbound and dns over tls.

Anyone can give me a quick link on how to set it up in asuswrt-merlin?
 
DonnyJohnny said:
This dns protocol is sure moving very fast... first dnscrypt, then dns over tls... now dns over https.....
So exciting to see things moving so fast...
I planning to try unbound and dns over tls.

Anyone can give me a quick link on how to set it up in asuswrt-merlin?
Click to expand...

Unbound is in the entware-ng repository.
 
DNSCrypt-proxy v2 has just left alpha stage, beta 1 has been released.

Latest feature introduced is, when multiple servers are in dnscrypt-proxy config, it will now test for latency for all servers configured and will use the fastest one to resolve dns queries.

Pre-compiled binary can be found here: https://github.com/jedisct1/dnscrypt-proxy/releases/latest
 
Last edited by a moderator:
While it is cool to use 60 dns resolvers but sending queries to 60 dns resolvers is a bit crazy. I now pre-select 3 fastest dns resolvers as failover. Lol...
This is cool and easy to use...
 
RMerlin said:
Great. Another programmer who uses a less efficient language just "because they can", and they think it's cool. Sigh.
Click to expand...

To be honest, it ain't that bad. I haven't seen it using more than 4.7 Mb of resources (mostly 3-4 Mb) and given the (increasing) amount of functionality, I can totally live with that. I'll try to do some dns benchmarks tomorrow to see how it behaves when under load. So far, I haven't had a single moment I felt like it was a memory hog which degrades my RT-AC68U's performance.

DonnyJohnny said:
While it is cool to use 60 dns resolvers but sending queries to 60 dns resolvers is a bit crazy. I now pre-select 3 fastest dns resolvers as failover. Lol...
This is cool and easy to use...
Click to expand...

It doesn't test all the available servers in the sources list, it tests the servers configured in [Servers] section in dnscrypt-proxy.toml, so only the ones you've pre-configured. It uses the fastest and keeps the others as failover.
 
M@rco said:
It doesn't test all the available servers in the sources list, it tests the servers configured in [Servers] section in dnscrypt-proxy.toml, so only the ones you've pre-configured. It uses the fastest and keeps the others as failover.
Click to expand...

Nah.. my static list has only 1 pre-configured resolver. It did test the whole csv list. Notice the 60 live server. It generated a whole list of ping test which is more than 10000 character for me to paste here. Btw Cisco for me is 3ms. What more can I ask for?

Code: 
Jan 18 06:07:16 dnscrypt-proxy: [2018-01-17 22:07:16] [-] [NOTICE] Server with the lowest initial latency: cisco (rtt: 3ms)
Jan 18 06:07:16 dnscrypt-proxy: [2018-01-17 22:07:16] [-] [NOTICE] dnscrypt-proxy is ready - live servers: 60
 
Last edited:
XIII said:
What does it mean that the beta has no local DNSSEC validation?
Click to expand...
I think it will do the job of dnsmasq. Validating the dnssec
Asuswrt-merlin already sup-port dnssec under LAN, DHCP Server.
 
Has he implemented the option to ignore timestamps from certs yet? That is necessary to properly integrate it for embedded devices without a RTC.
 
You must log in or register to reply here.

Similar threads

R
notify_rc start_webs_update
Replies
2
Views
280
roscoe211
R
johndoe85
Tutorial How to install Wireproxy on your Asus-Merlin Router
Replies
0
Views
971
johndoe85
johndoe85
CntrlAltDel
DNScrypt DNSCrypt Error During Setup
Replies
1
Views
2K
Zastoff
Zastoff
MegaMango
dnsmasq-surrogate for RT-BE88U: Ad Blocking & Security Enhancement
Replies
2
Views
523
MegaMango
MegaMango
S
Wireguard VPN change routes ip
Replies
0
Views
637
S75
S
Similar threads
Thread starter Title Forum Replies Date
B (solved) Dnscrypt blocked-names.txt automatically deleted upon modification Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 731 (members: 34, guests: 697)
Top