this post was submitted on 23 Oct 2023
14 points (88.9% liked)

Selfhosted

39980 readers
638 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hello. I just upgraded my ramips router (ipTIME A3004NS-dual, 256mb ram, 64GB USB) to OpenWrt 23.05, so far it's working well. I'd like some extra privacy (my country is known to do some internet censoring) and filter connections to sites I do not want (advertisements, telemetry) and AdGuard Home paired with Unbound seems perfect for this.

Before upgrading I used to run a DoH setup on OpenWrt with CloudFlare's DNS, but I now want to remove dependencies to these public 'private' DNS servers.

I did try searching a lot, but unfortunately as I'm pretty new to networking and hosting things I'm not quite able to understand what I read. Some guides mention using Unbound but still does setup Google/CloudFlare DNS, is that used as a fallback of some sort?

If someone has already done something similar I'd very much appreciate some guidance on how this should be done.. Thanks!

EDIT: I think I got it working.. but I'd be glad if someone can please tell me a way to test it. dnsleaktest.com shows "None" for hostname..

I followed [1] to install unbound, then changed unbound's port to 5353, set AdGuardHome's port to 53 and set AdGuardHome's DNS settings (Upstream, Bootstrap, Private reverse) to 127.0.0.1:5353. After a reboot it seems to work properly, except that I can no longer connect to other machines using their hostnames. (Previously I could just ssh the machine darkstar using ssh hexagonwin@darkstar, now I need to ssh [email protected]) [1]: https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#replacing_dnsmasq_with_odhcpd_and_unbound

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

I use unbound forward DNS over TLS to nextdns, I try to keep it simple.

[–] [email protected] 1 points 1 year ago

Yeah, but I'm wanting to only connect to 'root DNS' servers (is that the right term?) instead of servers like NextDNS or Cloudflare. Anyway, my configuration is working now, I should probably document them later..