with a lot of help from here i almost done finishing up my linksys 3200acm with openwrt 21.02.1.
There are some thing do, i have read some topics about adblock, unbound, nextdns and adguardhome.
is it all necessery to set this is all up, will it increase security or speed?
Or can i do with something els and simpler.
If above is done i like to make a vpn connection with my openwrt, if i make a vpn connection is this from above still relevant or can i just skip that?
Should increase speed, because you don't load most of the ads.
I wouldn't assume they would increasing security, even though it's probably mentioned in the ads.
Depends in what you need the VPN for, because it doesn't add any security or privacy at all.
I tried googling there are not many threads about this
some say unbound with nextdns and adguard or just only unbound and adguard, it makes things complicated.
So obligatory, be aware of wireless issues in 21.02 and 21.02.1 given your using a WRT3200ACM.
Running 21.02-SNAPSHOT which has the fix currently, until 21.02.2 is officially release is possibly best for best wireless performance.
Adblock is an integrated solution with LuCI management and is compatible with dnsmasq or unbound.
AdGuard Home is an alternative option, it is however more heavy. The official package can be installed through opkg, management is outside of LuCi. It does some benefits of adblocking + DoT/DoH without additional packages. The recommended configuration would be to have AdGuard Home as your main DNS resolver and move unbound or dnsmasq to local/PTR only.
NextDNS can't say, never used it.
Most PiHole functionality can probably be achieved with the various options mentioned already, which are more native to OpenWrt with opkg and LuCi management. Not discrediting PiHole however, that is my personal view. I did used to use PiHole with multiple instances, but the lack of management for multiple PiHole instances to sync block lists etc (without running your own script/rsync) made it less robust which is why I moved away from it.
Currently, it only references dnsmasq for local DNS/PTR setup with SSH and UCI commands, I don't use unbound, but hopefully someone can maybe add specific instructions for unbound at some point.
NextDNS as i understand is a paid service and allows you to filter using their DNS services on both mobile (thus while out and about) and at home. Current recommendations are to use the AdGuard Home client on your router as a downstream NextDNS client as their client has issues. see here for more info : [How-To-Updated 2021] Installing AdGuardHome on OpenWrt - #6 by mercygroundabyss
The old way to do encrypted DNS was with stubby and unbound. AGH replaces both of them and does encrypted DNS internally so you do not need them anymore. Some people still prefer using them however it complicates your setup and duplicates the effort required. That being said, using adblock with unbound/stubby is preferable on smaller less powerful routers where space and cpu power is an issue.
AGH i tested with a BT Hub5 https://openwrt.org/toh/bt/homehub_v5a which has 128mb of ram. As long as you do not go wild with the amount of filters you add to it, then it is fine.
The wiki has more info on installation of the 107 version using opkg. There is also linked threads to manual processes like my updated thread on the forum here : [How-To-Updated 2021] Installing AdGuardHome on OpenWrt This thread uses the "edge" clients from AGH as they are updated more often.