New to Linux and problems with ISP

Greetings, I heard about OpenWRT project in Reddit but didn't see much helpful stuff there.

TL;DR : I am a pure noob looking for help installing OpenWRT with DNSCrypt or DNSmasq or DoH (IDK what to look for) on a 4/32 router.

About Me :-
I have No linux experience or network stuff knowledge either.
Using old Windows Computer and TP-Link WR841N Router (v14)

Problem :-
ISP straight up lied about custom DNS support during installation and now forces me to use their DNS servers by redirecting all Port 53 traffic to their server (not sure about redirection part).

My intention with this project :-
Learn more about this project and its uses and advatages. Stay safe from DNS Hijacking.
Bypass ISP DNS by using DNSCrypt or DoH or DNSmasq something I dont know anything about.

Looking for :-
Instructions and Precautions so that I don't damage my device (TP-Link WR841N). It is a cheap device but I cannot financially afford to buy another if this one is destroyed.

I have seen a privacy focus build here on this forum but I have no idea what any of the terms like LEDE or any of the files mean.

Will anybody guide me to correct forum or where to get more information and precautions steps?

Apparently you have a router with little flash memory of 4 / 32mb ram and openwrt would no longer work correctly but if it is only to use normal custom dns you can use openwrt but if you want to install other packages I doubt you can do it unless you use a pendrive for more Flash memory

3 Likes

Thank you for your reply @edwpat
Will it be possible for me to use the custom built firmware build that I found on the forum and linked in the post? Will my hardware version work with that one? Apologies for such questions but I have no idea how routers work.
Apparently I just need DNS encryption or something to stop my ISP from DNS Hijacking. Nothing else.

DNSCrypt v1 should be the lightest option.
DoH, DoT and DNSCrypt v2 are quite heavy.

2 Likes

Thanks for the information @vgaetera I am still looking for tutorials as well as answers.
I wanted to know if it would be possible to use the custom firmware that I found in this forum and linked in the post. Also, would my hardware version accept that?

1 Like

@ThisIsPratyay, welcome to the community!

Did you ask @xhaka?

2 Likes

The considerable extra effort of fighting with 4/32 memory limits before you even get to configuring applications is really not good for beginners.

For someone trying to learn OpenWrt with absolutely no money I'd suggest loading an x86 build on an old PC with two network cards. But placing that in 24-7 service will run up your electric bill fast enough that it would be better to invest in an actual router.

If your ISP speed is not high the under $25 GL-Inet GL-AR300M (16/128 memory) would be suitable.

1 Like

Thanks for the reply!
No I did not specifically bother any user with my queries as it was my assumption that these might be simple things for such a community so any other user could help me discuss this issue and perhaps introduce me to OpenWRT requirements, precautions and installation procedures.

Thanks for the suggestion. I see how clever that can be!
But as you mentioned, electricity bill as well as hardware requirements; I cannot afford any of that. I'm just a student who supports open source solutions and believes in internet neutrality and freedom of speech. I want to learn Linux in the next couple of years and am switching to Linux based OS and leaving Windows.
I would also like to mention again that my concern remains with the DNS Hijacking they do and not with the speed they provide. But thanks for the idea. It seemed very unique.

Consider to simply enable DoH in the browser.

2 Likes

With some patience you can find amazing devices on the second hand market, but 15-20 USD delivered for a GL.Inet is hard to beat (yes, these would be 2.4 GHz only (so worse than a good deal on the second hand market), but at least they have enough flash/ RAM).

1 Like

Thanks for the input again. It is very good alternative. I already use DoH in my Firefox and Opera Browsers. I was looking for a network-wide or at least OS-wide solution. Any other solution seems to require more money from my side.
My choice of getting the most reliable router model in my country seems to have backfired because of my ISP.

1 Like

Did not think of that! I am from India and yes Amazon delivers products here but I will try to look at the various second hand markets once I am able to afford spending more money for this.
But for now maybe my ISP will take advantage of hundreds of unaware customers who browse freely (I mean with censorship included but whatever).
But thanks for giving me the idea! Guess I'll need more time and save more money.

You can get started with latest 18.06 release ( for 841 v14) https://downloads.openwrt.org/releases/18.06.8/targets/ and this tutorial https://openwrt.org/docs/guide-user/services/dns/doh_dnsmasq_https-dns-proxy

Hmm... it seems v14 is not yet suported and i find less chances to be as it a 4/32 device.
Ping me on PM and I might be able to provide some other custom build (padavan ng) with dnscrypt enabled

1 Like

If your main goal is to have DoH (or DoT) on your Windows Computer (not only on a specific browser), you could simply install DNSCrypt (or cloudflared - notice the final 'd') or stubby.

To check that it actually works, you could browse to https://www.dnsleaktest.com/

No need to "hack" your router (v14 is not supported and probably won't be since it is a 4/32 device).
The main drawback is that your mobile phone and other devices on the LAN won't be "protected". However, you could always install DoH/DoT on them as well (or point your dns settings to your computer, although it might be a little more elaborate).

Thanks for your response.
I am most concerned since my hardware is WR841N v14 but the tutorials are for older models.
I am glad you made me aware of the releases and I have already seen the tutorial although might need to learn a little CLI commands and stuff before attempting this.
Really don't want to brick my router because I don't know what to do to rescue it.
But really appreciate the support from the community.

Thank you. My thoughts exactly.
Other devices remain vulnerable.
I have considered DNSCrypt for Desktop but I cannot run the machine as a DNS server 24/7 like my router or afford a Raspberry Pi for Pi-hole.
I appreciate the input very much.

If a guide doesn't include your device, don't follow it.

The hardware may be different and not compatible.

1 Like

I agree with you on this one.
I can NOT afford to buy another router. Had to save a lot of money for this one although it seems pretty cheap for many people. Did not know about OpenWRT back then otherwise I might have chosen something else.
Appreciate the community support. Thank you very much.

:+1:

BTW, you don't have to draft a new reply to each person, we can all see them.

1 Like