jrmwvu04
Very Senior Member
Yeah, should.does it work with AB-solution?
Yeah, should.does it work with AB-solution?
If you want to experiment further, I did implement support for custom scripts. So you could use a stubby.postconf to change the value of round_robin_upstreams to 0 (then the servers will be accessed in the order listed in the select dialogue).Unlike dnsmasq stubby queries the servers on a strict round robin basis (round_robin_upstreams: 1). So if you have configured stubby to use two servers, one fast and one slow, 50% of your uncached queries will be slow.
Thanks for adding the custom script support.If you want to experiment further, I did implement support for custom scripts. So you could use a stubby.postconf to change the value of round_robin_upstreams to 0 (then the servers will be accessed in the order listed in the select dialogue).
I could also add a 'manual' server selection choice. Then you could use a stubby.yml.add (note it's NOT stubby.conf.add) where you could add the servers you want in the order you want.
That does sound like a challenge , but I think it would be more useful. People seem to obsess over having "backup" DNS servers. I can image with the current menu system there would be people that would select "lots" of servers thinking that was a good thing, when in fact it would be very bad. If the menu choices were very obviously a priority list it would keep them happy without ruining performance.Another option (a bit more work though) would be to have an 'Ordered Access' option where the servers would be accessed in the order you select them in the dialogue.
I may just try and do that one as a 'challenge'
The DoT servers communicate on port 853. The router (dnsmasq) listens on port 53 for DNS requests, then uses port 5453 on your LAN to talk to the stubby proxy, which then sends the request to the DoT server port 853 and handles the TLS encryption.I am curious about this syslog entry:
The DoT servers communicate on port 853. The router (dnsmasq) listens on port 53 for DNS requests, then uses port 5453 on your LAN to talk to the stubby proxy, which then sends the request to the DoT server port 853 and handles the TLS encryption.
Can you load a syslog up somewhere for me to take a look at? Thanks.Thank you for the work you put into this, John.
Unfortunately DoT isn't working for me on my NT66. When I enable it, I get either time-outs or a response of 10.0.0.1 to all dns queries. I can't see anything obvious in the logs, and I tried a few servers, and turning dnssec on and off. I can try diagnosing it a bit more tomorrow. I welcome any suggestions on where to start looking.
Looking at a comparison of protocols in the dnscrypt info ( which i suppose is biased towards promoting dnscrypt anyway) there seem to be several minuses on the DoT side. The ease an evil ISP would have to deny service just by blocking port 853 is worrying, although I'm aware that all of these protocols are at the mercy of a providers interception with varying levels of effort.The DoT servers communicate on port 853. The router (dnsmasq) listens on port 53 for DNS requests, then uses port 5453 on your LAN to talk to the stubby proxy, which then sends the request to the DoT server port 853 and handles the TLS encryption.
possibly coming soon Merlin 384.7 (at the moment only alpha1) or if you need Aimesh then stock 21140 or 21152.Best version version for asus RT-AC66U_B1 ?
Recreated it (thanks for the PM data, just what I was going to ask you to do ).... but right now I'm stumped. I'm adding some diagnostic code to stubby and making some compile tweaks to see if I can figure out what it's complaining about.Thank you for the work you put into this, John.
Unfortunately DoT isn't working for me on my RT-N66. When I enable it, I get either time-outs or a response of 10.0.0.1 to all dns queries. I can't see anything obvious in the logs, and I tried a few servers, and turning dnssec on and off. I can try diagnosing it a bit more tomorrow. I welcome any suggestions on where to start looking.
Just an update....I've worked on the MIPS support over the last couple of days without any luck. I've opened an issue with the getdnsapi/stubby developers to see if they have any insight.Recreated it (thanks for the PM data, just what I was going to ask you to do ).... but right now I'm stumped. I'm adding some diagnostic code to stubby and making some compile tweaks to see if I can figure out what it's complaining about.
So for everyone else, I'd assume that right now it's not working on the MIPS based routers (but if someone would care to try on an N16 or AC66, it might be helpful).
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!