Adguard home settings yaml file editing

ehn · May 21, 2025, 11:52am

the Adguard home can only be set to one interface or all. I have an old LAN, New LAN, IoT and Guest interfaces.
after following the openwrt guide (not convinced LUCI works for moving the DNSMasq port) on installing it works on the old-LAN the choice I made. How do I edit the Adguard Home Settings YAML file?

I've tried:

....
dns:
  bind_hosts:
    - 192.168.1.1
    - 192.168.2.1
    - 192.168.3.1
    - 192.168.6.1
  port: 53...

and got my IoT (192.168.3.x) and new LAN (192.168.6.x) working but not the Guest (192.168.2.x). They can get no DNS and can't surf the web. Devices on the Guest Network worked if they set their own DNS (not IP V4), so I know it is just DNS. Plus in the DHCP Advanced settings I additionally send 6, 1.1.1.1 it works. I'm just redoing it with Guest as the Main option selected in the GUI. Does my edit look bad or is there a setting I can't find in the Guest Interface. Using LUCI I think it looks identical to how I have set up the IoT and new LAN. Is there a hidden setting that is different that isn't seen in LUCI?

ehn · May 21, 2025, 4:16pm

I did wonder if it was a firewall thing as guest is block, allow, block where as IoT and new LAN are allow, allow, allow but changing it made no difference, plus I already have port 53 allowed between guest and wan/this device (2 rules).

ehn · May 21, 2025, 4:25pm

and I tried setting up port forwarding (53 from Guest zone to this device).

ehn · May 22, 2025, 6:05pm

That still looks right to me. I will be trying again next time I don’t have guests and can afford to lose WIFI. On my New LAN and old LAN I suspect most devices can have a set DNS, it’s just Guest and IoT zones. Maybe I can run a second adguard installation aswell as the normal one in a docker?

frollic · May 22, 2025, 6:07pm

Does netstat show AGH binding to all the IPs you've listed ?

ehn · May 22, 2025, 6:12pm

Not sure. I have deleted it now as my Guest Network lost wifi unless I added extra DNS servers. Will be trying again after the weekend. What command do I run after netstat? Last time I ran it I had loads of output to trawl through.

frollic · May 22, 2025, 6:15pm

Try netstat -lnp | grep 53.

ehn · May 22, 2025, 6:28pm

Thanks. I will reinstall Adguard Home and run that command on Sunday Evening.

ehn · May 25, 2025, 9:58pm

does this look like it should work?

root@BPI_R4:~# netstat -lnp | grep 53
tcp 0 0 192.168.3.1:53 0.0.0.0:* LISTEN 25752/AdGuardHome
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 25752/AdGuardHome
tcp 0 0 192.168.6.1:53 0.0.0.0:* LISTEN 25752/AdGuardHome
tcp 0 0 192.168.2.1:53 0.0.0.0:* LISTEN 25752/AdGuardHome
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 25752/AdGuardHome
udp 0 0 127.0.0.1:53 0.0.0.0:* 25752/AdGuardHome
udp 0 0 192.168.3.1:53 0.0.0.0:* 25752/AdGuardHome
udp 0 0 192.168.6.1:53 0.0.0.0:* 25752/AdGuardHome
udp 0 0 192.168.1.1:53 0.0.0.0:* 25752/AdGuardHome
udp 0 0 192.168.2.1:53 0.0.0.0:* 25752/AdGuardHome

ehn · May 25, 2025, 10:27pm

oddly it doesn't work on my phone, ipad, Laptop unless I specify a DNS server but it can be the local one.
for example, 192.168.2.1 for Guest
Same with new LAN and IoT. Suspect I had static/backup DNS setup on those networks last time, so it just appeared to work.
Seems like a setting in my Interfaces is wrong so it does not serve the DNS address correctly.

ehn · May 25, 2025, 10:41pm

oddly it seems that if in LUCI I change the interface DHCP/Advanced setting DHCP Options to "6, 192.168.2.1" (for Guest Interface) it works. Or maybe it remembers the static DNS I set and even though I go back to Automatic it remembers still.

These were my interface/advanced settings

Use default gateway (false)

Use custom DNS servers

192.169.2.1

ehn · May 27, 2025, 3:05pm

incidentally I tried 192.168.1.1 and Firewall rules allowing port 53 to leave the guest zone before trying 192.168.2.1 and then 6, 192.168.2.1 in the advanced bit.

ehn · May 27, 2025, 3:06pm

just spotted a typo in above. It was 168, not 169