And again dns leak

I have dns leak with redsocks2 proxy configuration.
how to fix it

https://openwrt.org/docs/guide-user/services/dns/start#encryption

1 Like

Delicious choice: https://github.com/jedisct1/dnscrypt-proxy

1 Like

https://openwrt.org/docs/guide-user/services/dns/encrypt#dnscrypt_via_dnsmasq_and_dnscrypt-proxy1

work ok

but what if i want to use google dns?

Google-DNS supports DoT/DoH, but not DNSCrypt, so your options:

  • DoT via Dnsmasq and Stubby - I recommend this one
  • DoT via Unbound - This is also good if you have OpenWrt installed on VPS, so no need for DHCP
  • DoH via Dnsmasq and DNSCrypt-Proxy-v2 - I have not tested it, but it should work in theory
1 Like
  1. get concerned about your dns-privacy
  2. configure dns privacy feature then send all your lookups to google/cloudflare
  3. ???
  4. Profit
1 Like

works well with google dns!
but why does not work with third-party servers? for example 5.254.96.195

Probably it doesn't support DoT.
Check the list of DNS-providers and the features they support:
https://en.wikipedia.org/wiki/Public_recursive_name_server

2 Likes

what is DoT?
and is there any way use providers without DoT support?

https://en.wikipedia.org/wiki/DNS_over_TLS

  • DNSCrypt via dnscrypt-proxy or dnscrypt-proxy-v2.
  • DoH via dnscrypt-proxy-v2.
2 Likes

I tried these two methods, they do not allow to add their dns proxyes

DNSCrypt via dnscrypt-proxy - allows you to select only from its list

dnscrypt-proxy-v2 - own servers too, but complete randomization

The list of DNSCrypt-providers is a file you can edit:
https://github.com/openwrt/packages/blob/master/net/dnscrypt-proxy/files/dnscrypt-resolvers.csv