I seem to be having an issue with DNS and I'm not sure how to pinpoint the cause. I know it's a DNS issue because I can ping 22.214.171.124, but not www.google.com. I can also fix this by specifying my own DNS server in network settings on my laptop - say Quad9 126.96.36.199. When I do this, everything is fine.
I suspect it might have something to do with AdGuard Home when I installed it, because it takes over DNS. I did a factory reset and no longer have AdGuard Home installed. I did restore some config and I am suspecting it might actually have something to do with DHCP and static leases. I have quite a few static leases. Here's an example:
option name 'DEVICE NAME REMOVED'
option dns '1'
option mac 'AA:AA:A:AA:AA:AA'
option leasetime '0'
option ip '192.168.1.154'
What is DNS 1 exactly? Should this be a 0? AdGuard also seems to have disappeared from the software page, so I wonder has it been removed? That's another issue I guess.
Correct in asking for the DHCP file settings, to see if there are AdGuard Home specific settings that linger, causing the conflict.
This type of issue hampered me when Stubby specific options lingered:
list server '127.0.0.1#5453'
option noresolv '1'
option dnssec '1'
My WAN DNS are set to "Use DNS servers advertised by peer". That box is checked. I unchecked it and set a custom domain on 188.8.131.52 but it made no difference. Is there any other detail I could provide that might be useful? Thanks.
Thanks! Are you saying I need to remove these entries completely or change them? Cheers
Thanks for that. So AdGuard did have something to do with it? When I had AdGuard installed, DNS wouldn't work at all until I logged into AdGuard. After I factory reset, all I did was copy over the dhcp file and a few other things, but suspected it was something in the dhcp config that was causing it.
I wonder should I just do this for simplicity? Thanks!
list server '192.168.1.1' # <-- here you say your upstream DNS server is 192.168.1.1 - which is your router. remove it.
option port '5353' # <-- here you say that your dns server (=dnsmasq) should listen on port 53. but i assume your clients use default 53. remove it
above setup made sense when you had adguard as all dns traffic was hijacked/captured by adguard instead of dnsmasq.
config dhcp 'lan'
list dhcp_option '6,192.168.1.1' # <-- here you say all dhcp client should use this ip as DNS server. which is ok if your router with dnsmasq runs on this ip, but actually obsolete. you can remove
list dhcp_option '3,192.168.1.1' # <-- strictly speaking this is neither a must, you can remove but ok to leave as is. this sets the default gateway for your dhcp clients
As others have pointed out, your dnsmasq file still has some leftovers from AGH install. I made an uninstall script from my manual install thread that removes all AGH options and resets your dnsmasq file back to a working config.
The reason you lost DNS is because AGH inserts itself as the primary DNS and pushes dnsmasq to port 5353 to be a resolver internal dns. Its sole use is for PTR lookups for your clients. A cleaner way to deploy AGH would be to disable OpenWrt's DHCP and switch over completely to AGH's DHCP but they still have some code refactoring to sort out for AGH. I and James decided that due to the state of AGH's DHCP that it would be wiser to do this split setup until AGH's DHCP improves to the level of OpenWrt's DHCP. Right now simple DHCP on a flat network will work but more complex networks with VLANs etc would be tricky to implement.
#include uninstall script.
curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v -u
# 1. Reverts AdGuard Home configuration and resets settings to default.
# 2. Enable rebind protection.
# 3. Remove DHCP options for IPv4 and IPv6
uci -q delete dhcp.@dnsmasq[0].noresolv
uci -q delete dhcp.@dnsmasq[0].cachesize
uci set dhcp.@dnsmasq[0].rebind_protection='1'
uci -q delete dhcp.@dnsmasq[0].server
uci -q delete dhcp.@dnsmasq[0].port
uci -q delete dhcp.lan.dhcp_option
uci -q delete dhcp.lan.dns
# Network Configuration
# Disable peer/ISP DNS
uci set network.wan.peerdns="0"
uci set network.wan6.peerdns="0"
# Configure DNS provider to Google DNS
uci -q delete network.wan.dns
uci add_list network.wan.dns="184.108.40.206"
uci add_list network.wan.dns="220.127.116.11"
# Configure IPv6 DNS provider to Google DNS
uci -q delete network.wan6.dns
uci add_list network.wan6.dns="2001:4860:4860::8888"
uci add_list network.wan6.dns="2001:4860:4860::8844"
# Save and apply
uci commit dhcp
uci commit network
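A read-only check for the leftovers this thread identifies (dnsmasq moved off port 53, `noresolv`, a `list server` pointing back at the router, DHCP option 6), as an added example that is not part of any post and not AdGuard Home's or OpenWrt's own code. The function name `audit_dhcp_config`, the default router address 192.168.1.1 and the sample config are assumptions constructed from the lines quoted above.

```shell
#!/bin/sh
# Added example: read-only check of OpenWrt /etc/config/dhcp text for the
# AdGuard Home leftovers discussed in this thread. Nothing is modified.
# Usage: audit_dhcp_config [router_lan_ip] < /etc/config/dhcp
audit_dhcp_config() {
    awk -v router="${1:-192.168.1.1}" '
    function unq(s) { gsub(/["\047]/, "", s); return s }   # strip quote characters
    function flag(msg) { print "FLAG " type "." key "=" val ": " msg; n++ }
    $1 == "config" { type = $2; next }                     # remember the section type
    $1 != "option" && $1 != "list" { next }
    { key = $2; val = unq($3) }
    type == "dnsmasq" && key == "port" && val != "53" {
        flag("dnsmasq is not on port 53; clients get no answer unless another resolver listens there")
    }
    type == "dnsmasq" && key == "noresolv" && val == "1" {
        flag("WAN/peer DNS servers are ignored; only list server entries are used")
    }
    type == "dnsmasq" && key == "server" && (val == router || index(val, router "#") == 1 || index(val, "127.") == 1) {
        flag("upstream is the router itself; lookups fail unless a local resolver listens there")
    }
    type == "dhcp" && key == "dhcp_option" && index(val, "6,") == 1 {
        flag("DHCP option 6 pins clients to this DNS server; confirm it answers on port 53")
    }
    END { exit (n > 0) }                                   # status 1 when anything was flagged
    '
}

# Constructed sample: the leftover lines quoted in this thread, combined in one file.
SAMPLE_DHCP="config dnsmasq
	option noresolv '1'
	option port '5353'
	list server '192.168.1.1'

config dhcp 'lan'
	list dhcp_option '6,192.168.1.1'
	list dhcp_option '3,192.168.1.1'

config host
	option name 'laptop'
	option dns '1'
	option ip '192.168.1.154'"

printf '%s\n' "$SAMPLE_DHCP" | audit_dhcp_config 192.168.1.1 || true
```

On a router, run it as `audit_dhcp_config < /etc/config/dhcp` before and after restoring a backup; an empty result with exit status 0 means none of these settings are present.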
I tried removing a few things from the dhcp config, but no luck. I then decided to do another factory reset, then just manually copy over the static dhcp leases to the newly installed dhcp config. Everything is now working correctly. No more DNS issues!
I think something was missed when I installed AdGuard. I'm not sure what happened! I really would like it to run but it looks like it is no longer available from the opkg package list?
Thank you! That uninstall script would have probably saved me a lot of bother. I didn't realise that after factory reset and restoring that it wouldn't restore packages. Even still though, this is really useful. Thanks for pointing it out!
Yeah I think something was missed during the install which I didn't realise.
It's showing up here on my feed but I'm using a snapshot release.
You can always do a manual install using my thread. Both the opkg and manual install require some SSH usage as you cannot deploy out of box without assuming some defaults and so you must do some config on the way. The difference between the opkg versions and the manual is opkg only takes the stable releases and repacks them for OpenWrt. Manual version lets you use the more up to date feeds (which are at this point fairly stable) but aren't really "stable" releases so aren't allowed under opkg rules.
Not sure why. I installed it from here before, but it's not there after factory reset. I have updated the list many times which is successful, but still AdGuard Home is not there. There's a normal adblock application but I would much rather use AdGuard.
I was going to use this guide, but I don't want to screw my DNS up again.
Also, it would be interesting to know why I can't see it. I am using a Belkin RT3200 router and I updated the snapshot for RT3200 UBI using today's snapshot.
If you use my thread it prepares your router for installing AGH and uses AGH's developer script to install their edge build directly. This means making the minimum of changes and means all of AGH's stuff is in the same places as if you follow their manual install method off their wiki.
The main difference between the opkg version and mine is that mine follows the AGH developers' install of using /opt/AdGuardHome as base install (but with this you require more space for the binaries and logs) vs the opkg version that installs into a custom location and logs to /tmp, which means when you reboot you lose your statistics and logs. It does however mean less space used.
Both opkg and manual install insert AGH as primary DNS and push dnsmasq to internal only to keep memory usage lower and to stop extra hops for dns lookups. The easier way is to install AGH behind dnsmasq but this is a sub par way of dealing with this and makes for extra dns hops. (and additional memory usage as dnsmasq forks each request and uses more memory)
* A router with a recent OpenWrt version installed.
* 100MB free RAM.
* 20MB free disk space.
The main AGH binary is now 35 MB, so you need at least 70 MB free (for the main binary and the backup when it updates).
His guide also does a full manual install (using a zipped package) and doesn't use the developers automated script.
There's more info here about manual installs from the AGH team.