I keep seeing this confusion in various posts on the forum so I'm adding this to the thread.
You do not need to use any other programs like Unbound, Stubby or DNS-Over-Https. Those were the old way of manually adding encrypted DNS to OpenWrt and extending DNSMasqs so it could do encrypted lookups.
AGH does it all internally and will do any variant of encrypted dns. DoH, DoT, DoQ. All you have to do is pick the provider you wish to use.
There's a list of all the providers for ease of use. Just use AGH's setup and pick your provider and which protocol you want.
https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#upstreams - Configuring Upstreams
There is a problem that still bothers me. Whenever my R2S restarts, AGH will always be unable to block it. To save space, I have disabled saving QueryLog.
Regarding this problem, how should I solve it?
Your r2s is your primary router yes?
When it boots up, it will use dnsmasqs DNS to do NTP and updates. Then AGH will load and provide DNS to the rest of your network. That's the way it has to load.
I found that I made a mistake. It should be said that when I restart R2S, the blocking function of AGH will always be invalid
is AGH started as a service? If you do not have sudo installed then AGH will fail to install as a service and thus not restart when the router reboots.
Install sudo and reinstall AGH using the script. This will properly setup AGH as a service and thus auto start when you reboot.
Is "Sudo" the picture package?
So should I use AGH's install.sh script to reinstall?
Yes that is the package. Yes. reinstall with the script and it will setup AGH as a service. It should leave your agh.yaml file alone so all your config should stay as it was. Back it up before hand in case however.
OK, I see.
I will go through these steps, and then thank you
curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v -u
The script also accepts some options:
-c <channel> to use specified channel.
-r to reinstall AdGuard Home;
-u to uninstall AdGuard Home;
-v for verbose output;
Note that options -r and -u are mutually exclusive.
Technically you should uninstall AGH and have your yaml file backed up first.
Then remove the /opt/AdGuardHome folder.
Then properly reinstall it. Just so you have a clean install.
curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v
This method does not work for me. My restart task is executed in the early morning. My AGH is started normally, but it cannot be blocked.
So your R2S reboots and AGH doesn't start?
or it doesn't do blocking after the restart?
What does your syslog say.
or copy and paste from SSH shell using logread.
Is SysLog obtained from openWRT?
Yes. It is the system log from the luci interface. https://192.168.1.1/cgi-bin/luci/admin/status/syslog
You can get it from SSH shell by using
This is my syslog. But the buffer size is set too low, so it only starts from 11:52AM (UTC+8), but the restart time is 4:30AM (UTC+8)
(Because the file is too large, it is placed on Google Drive.)
why not reboot your router now and see what is happening.
Is AGH just not blocking adverts (because filters arent working?)
or is it clients are bypassing AGH.
Just a thought. where is your AGH installed? /opt/AdGuardHome ? so it is persistant? or /tmp?
(nevermind i see from your logs it is Saving filter 1634921027 contents to: /opt/AdGuardHome/data/filters/1634921027.txt)
DNS queries are in progress, but DNS blocking is completely inactive. I also tried to update the filter, but blocking still didn't work.
AGH is installed in /opt/AdGuardHome
What do you have to do to fix AGH into filtering again? Do you restart AGH and it works? Is it update the filters and it works?
Need to narrow down the issue.
It's a bit weird, after I deleted all the Filter files and updated them one by one, AGH can be blocked.