I have been searching few days to get the "private DNS mode" setup in Openwrt, where a similar option can be found in Android 9 above, using this method, I don't need to install an additional app on the phone, yet I can enjoy blocking ads if I use "dns.adguard.com" for example.
Perhaps a small or similar lightweight DNS proxy server package add-on can do the work?
Running Adguardhouse server on the box is going to eat up huge resources esp on the normal off-the-shelf router.
Refer to Google Android phone, this is basically the DNS over TLS support brought by introducing the Private DNS feature. It's to encrypt all DNS traffic on the phone and enabled by default and uses a secure channel to connect to the DNS server if the server supports it.
However, I have added dns.aguard.com in the stubby.yaml, it does not seem to work, not sure if I have missed out anything?
# Note: by default on OpenWRT stubby configuration is handled via
# the UCI system and the file /etc/config/stubby. If you want to
# use this file to configure stubby, then set "option manual '1'"
# in /etc/config/stubby.
## Adguard Default servers ipv4
- address_data: 18.104.22.168
- address_data: 22.214.171.124
you could also try
https-dns-proxy for DoH.
Tried https-dns-proxy, but it doesn't block it example I am still able to open up the adult website without any problem.
Is force dns enabled in https-dns-proxy?
Have you opened "the adult web-site" from the same client before?
Does that client use DoH/DoT/VPN service of their own?
It is already forced and no VPN client is running.