Well Well. While posting this thread, I discover that changes I made to Firefox are the issue!
network.trr.mode 0 -> 2
network.security.esni.enabled false -> true
The above settings were related to more secure DNS-over-HTTPS (DoH)
When I enabled the above Firefox configuration, it allows a flood of ads. It makes me appreciate all the wonderful software provided by contributors!
***********************************************************************************************
I am going ahead with the post because I do detail my DNS related settings and this may help someone else.
I am running 384.15 Asus Merlin on an AC86U router. Since installing 384.15 I have had issues with DNS I didn't notice in prior releases. Some devices (such as my SmartTV, a Kindle, old iPad & Firestick) couldn't connect to the internet at all using the Gateway 192.168.1.1 and DNS 192.168.1.1. Most of my network devices could access the Internet using these Gateway/DNS settings. Very confusing why some worked & others didn't. I also continued to get DNS leaks.
I am running amtm, Skynet, Diversion, ya-block-malware
Prior to making the bolded changes below, I had a handful of devices that simply would not access the internet. Once I started using DNS-over-TLS, every single device on the network connects to the internet. However, all the above adware/malware blockers appear to no longer block anything. It appears that my traffic is not going through the router the way it was. When I use Firefox to browse a website, I see ads popping up everywhere.
I tried to use different DNS settings to get all my devices accessing the Internet.
LAN/DHCP Server
DNS Server 1 & 2: Blank
Advertise router's IP in addition to user-specified DNS: Yes
WINS Server: Blank
WAN DNS Setting
Connect to DNS Server Automatically: No
DNS Server 1: 8.8.8.8
DNS Server 2: 1.1.1.1
Forward local domain queries to upstream DNS: No
Enable DNSSEC support: No
DNS Privacy Protocol: DNS-over-TLS (DoT) <-- Was set to NONE
DNS-over-TLS Profile: Strict
I have 4 Preset Servers in the list
VPN Client
Accept DNS Configuration: Strict
Create NAT on tunnel: Yes
Inbound Firewall: Block
Force Internet traffic through tunnel: Policy Rules (Strict)
Block routed clients if tunnel goes down: Yes
ALL-LAN 192.168.1.0/24 0.0.0.0 VPN
Question: Does anyone know what, if any, servers (like CloudFlare but not CloudFlare) handle DNS-over-TLS (DoT) who advertise they don't record/track DNS queries coming through their servers?
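Added example, not part of the original post: a small Python check that reads a Firefox prefs.js/user.js and reports whether network.trr.mode sends lookups to a DoH resolver instead of the router's DNS (192.168.1.1 in the post), which is what leaves router-side blockers such as Diversion without queries to filter. The function names and the sample text are constructed for illustration.

```python
import re

# network.trr.mode values in Firefox -> (meaning, lookups skip the DHCP-supplied DNS?)
TRR_MODES = {
    0: ("off (default)", False),
    2: ("DoH first, system resolver as fallback", True),
    3: ("DoH only", True),
    5: ("off by explicit choice", False),
}
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')


def parse_prefs(text):
    """Parse user_pref("name", value); lines from prefs.js / user.js text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if not match:
            continue  # comments, blank lines, anything else
        name, raw = match.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs


def audit_dns_path(prefs):
    """Report whether this profile's DNS lookups skip the router's resolver."""
    mode = prefs.get("network.trr.mode", 0)
    description, bypasses = TRR_MODES.get(mode, ("reserved or unknown", False))
    return {
        "trr_mode": mode,
        "description": description,
        "bypasses_router_dns": bypasses,
        "esni_enabled": prefs.get("network.security.esni.enabled", False),
    }


# Constructed sample: the two preferences from the post, after the change.
SAMPLE_AFTER = '''
// constructed prefs.js excerpt
user_pref("network.trr.mode", 2);
user_pref("network.security.esni.enabled", true);
'''

if __name__ == "__main__":
    print(audit_dns_path(parse_prefs(SAMPLE_AFTER)))
```

To check a real profile, pass the contents of its prefs.js to parse_prefs(); a result with bypasses_router_dns set to True means the router's DoT and blocklist settings are not seeing that browser's queries.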