How to configure https-dns-proxy to give the nearest DNS Resolvers?

Hi all, I installed https-dns-proxy according to this guide. I removed Google DNS from the list, so only Cloudflare was left. I changed the “Force Router DNS” setting to “Let local devices use their own servers”, and that's the end of my setup. Question: why doesn't Cloudflare give me the nearest DNS resolvers? I live in CIS countries, but it gives me Warsaw although there are closer resolvers. Stubby gave me the closest resolvers. How can I configure it to give me the closest resolver?

You cannot control Cloudflare; they just report the fact that the anycast route goes to Poland.

But when I set 1.1.1.1 on the LAN interface, it gives a close resolver. Why? That is without https-dns-proxy enabled.

What's wrong with stubby?

Short answer to your question - you cannot.
Why this happens - ask your ISP.

When you send a request to 1.1.1.1 (plain or DoT), your ISP routes it according to its BGP route for the 1.1.1.0/24 prefix.

When you use DoH, your router first performs name resolution for cloudflare-dns.com, then it sends a request to some IP address like 104.16.x.x.

My guess is that your ISP routes those two prefixes differently.

With stubby, DNS queries still go through the ISP. Checking with nslookup shows the provider's IP, and with https-dns-proxy it shows 127.0.0.1#53. Or did I misunderstand nslookup?

You need to configure dnsmasq to forward requests to stubby.

And how do I do that? Can you send a link to the instructions? I have 3 interfaces: wan, lan and l2tp, so my ISP connects using L2TP with Dual Access. Because of this I have problems with some of the guides.

https://openwrt.org/docs/guide-user/services/dns/dot_dnsmasq_stubby

You will also need an exception for your NTP server(s) similar to this:

I did everything according to the instructions. I tried both CLI and LuCI. With LuCI, my l2tp connection stopped working when I tried these items: Navigate to Network → Interfaces. Tap 'Edit' next to LAN. 'Advanced Settings', 'Use custom DNS servers': '127.0.0.1', tap '+', and add '0::1' as a second one. 'DNS Weight': '20'. 'Save'.

Tap 'Edit' next to WAN. If you want the router itself to use alternate DNS, uncheck 'Use DNS servers advertised by peer', and put in e.g. '1.1.1.1'. Otherwise, leave this to resolve to your provider's DNS. Trying to resolve through stubby, before stubby is running properly during boot, can cause problems. Set the 'DNS Weight' to some high number, low-priority, like '50'. 'Save'.