[Solved] DNS Troubleshooting

If you use my thread it prepares your router for installing AGH and uses AGH's developer script to install their edge build directly. This means making the minimal of changes and means all of AGH's stuff is in the same places as if you follow their manual install method off their wiki.

The main difference between the opkg version and mine is that mine follows the AGH developers install of using /opt/AdGuardHome as base install (but with this you require more space for the binaries and logs) vs the opkg version that installs into custom location and logs to /tmp which means when you reboot you loose your statistics and logs. It does however mean less space used.

Both opkg and manual install insert AGH as primary DNS and push dnsmasq to internal only to keep memory usage lower and to stop extra hops for dns lookups. The easier way is to install AGH behind dnsmasq but this is a sub par way of dealing with this and makes for extra dns hops. (and additional memory usage as dnsmasq forks each request and uses more memory)

(edit)

System requirements[#](https://bayas.dev/posts/adguard-home-openwrt/#system-requirements)

* A router with a recent OpenWrt version installed.
* 100MB free RAM.
* 20MB free disk space.

the main AGH binary is now 35 mb so u need at least 70mb free (for main binary and backup when it updates)

(edit2)
His guide also does a full manual install (using a zipped package) and doesn't use the developers automated script.

There's more info here about manual installs from the AGH team.

1 Like

Thank you! I wish I could give you a hundred thumbs up for that. Great advice! I'm going to use your method for sure.

I'm still somewhat confused by the memory and disk space. I'm sure there's a very valid reason for it, but I don't understand why so much space is allocated to temp, leaving only 80MB. I guess this will be enough but ideally, I'd like to keep plenty of space free for other packages etc.

Regarding your specific disk space it is most likely down to how OpenWrt partitions its space for your particular router. Without knowing more about it i cant guess further than that. My router uses a sdcard so i'm using a 32gb card so i dont need to worry about disk space. I also run my ubiquiti cloud manager from a docker container on the router.

Regarding AGH? The space requirements used to be smaller but the 107 build introduced a fair bit of extra space used (its down to the Go Librarys they updated. They are looking into it and one way to get the space down is to compress it and let the cpu decompress on the fly.

There is an issue filed on it and last i checked it was to be dealt with as part of the 108 builds but my guess is they probably pushed it back to the 109 build.

The reason for double space usage is when AGH upgrades it copies your existing binary and setup files into a backup folder. Then it installs over the top of the main binary and restarts. I have a manual script (that you need to edit depending on your cpu type) that will upgrade in place and I've asked the developers about it and it is part of their refactoring of the codebase but is still not completed yet. (AGH tends to silently fail doing an update with no disk space left. It does complain in the logs but the interface just reports "Failed". I've asked them to do some simple disk space checks but that then circles around back to how much space they use which they are trying to reduce. Right now there is no "simple" way they can say "we use X space. Check thats free") (edit - found it - https://github.com/AdguardTeam/AdGuardHome/issues/3801)

Your logs can be controlled by keeping them to 30days or so. or even a week if u just want minimal logs. Statistics can be 90days as the main db for that isn't huge. Sadly i just reset all my logs and stats this week trying to hunt down some adverts slipping past my filters so i cant give you some longer term log sizes.

One useful link to watch is this https://github.com/AdguardTeam/AdGuardHome/commits/master

That shows you all the patches they are doing to AGH and if you are using the edge build then that is all the updates for it.

Found one my old issues for AGH. That actually shows some of the log file sizes.

-rw-r--r--    1 root     root       45.4M Nov  2 20:42 querylog.json
-rw-r--r--    1 root     root        8.9M Oct 29 09:00 querylog.json.1
-rw-r--r--    1 root     root       32.0K Oct 30 05:28 sessions.db
-rw-r--r--    1 root     root        4.0M Nov  2 21:00 stats.db

As you can see if you log everything then your disk space will go up considerably. The stats db as i remembered is indeed tiny.

These are my current file sizes.

-rw-r--r--    1 root     root       12.5M Apr  1 19:16 querylog.json
-rw-r--r--    1 root     root       32.0K Apr  1 19:16 sessions.db
-rw-r--r--    1 root     root      256.0K Apr  1 19:16 stats.db

1 Like

Wow. Thank you for taking the time with such a detailed and well coorindated reply. I really do appreciate it!

Haha, not likely anytime soon! Are you running on a Pi?

I'd be ok with keeping the logs for 7 days or so, given my limited space. I guess I'll just have to experiment with it. Your method is definitely better, because of course I had the issue if the logs clearing every time I rebooted.

I'm all over this link! I'll most certainly be keeping a close eye on it. Thank you!

I'll have another go at installing AdGuard over the weekend and let you know how I get on. Out of interest, do you use the default filter lists or is there any extra you'd recommend? Thanks again and sorry about all the questions!

2 Likes

You are welcome. I took about 3 threads on the forum including a massive 2yr long one and with some further research and testing (along with some help from a few others), turned all that into my master thread. From those efforts and some help from @jamesmacwhite a wiki was sorted out and finally an opkg version properly sorted. (the 104 edition of agh was... really bad.) That's one reason why i re-wrote everything and got it to a more useable state, plus feedback to AGH team with issues too. Part of it is i think they were surprised at how AGH was being used on much smaller routers etc. They were used to people using x86 routers or even mini pcs where space and memory isnt constrained but building into soho routers takes much more care and planning. (like how my manual version vs opkg version differ due to space and usage).

Nope. Something rather more fun. a NanoPi R4S : NanoPi R4S-RK3399 is a great new OpenWrt device
That plugs into a local lan switch (I really want a ubiquiti POE one but getting one is damn near impossible right now) and then a separate POE powered Ubiquiti AC-Lite for my wifi due to my insane concreate walls that make wifi damn near impossible.

It shouldn't be a major issue. I haven't rebooted mine in a while.

root@OpenWrt:~# uptime
 22:28:51 up 41 days,  4:57,  load average: 0.10, 0.21, 0.14

But yes, loosing the logs can be a pain. For most people however its not too bad an issue. If you have the space however, then the manual version where you can keep all the logs etc is much nicer.

No problem on questions. Drop a post in the thread if you run into issues. That's what its there for.

As for filters... that's bit more tricky. I was using a custom set and i did publish them but AGH team redid a fair few of them and now the ones they come with are pretty good. There are one or two i wouldn't use and i also use a few different ones from the custom ones just purely down to my choices. But for completeness i'll list you the filters part from my yaml file.

filters:
- enabled: true
  url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
  name: AdGuard DNS filter
  id: 1
- enabled: false
  url: https://adaway.org/hosts.txt
  name: AdAway Default Blocklist
  id: 2
- enabled: true
  url: https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV-AGH.txt
  name: Perflyst and Dandelion Sprout's Smart-TV Blocklist
  id: 1625359387
- enabled: true
  url: https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt
  name: Scam Blocklist by DurableNapkin
  id: 1625359388
- enabled: true
  url: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
  name: https://github.com/StevenBlack/hosts
  id: 1625359390
- enabled: true
  url: https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
  name: https://firebog.net/  - OSINT.digitalside.it
  id: 1625359391
- enabled: true
  url: https://v.firebog.net/hosts/Easyprivacy.txt
  name: https://firebog.net/  - EasyPrivacy
  id: 1625359393
- enabled: true
  url: https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
  name: https://www.github.developerdan.com/hosts/
  id: 1633201708
- enabled: true
  url: https://phishing.army/download/phishing_army_blocklist.txt
  name: Phishing Army List
  id: 1635888815
- enabled: true
  url: https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt
  name: NoCoin Filter List
  id: 1639602953
- enabled: false
  url: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareAdGuardHome.txt
  name: Dandelion Sprout's Anti-Malware List
  id: 1639602954
- enabled: true
  url: https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts
  name: The Big List of Hacked Malware Web Sites
  id: 1639602955
- enabled: true
  url: https://curben.gitlab.io/malware-filter/urlhaus-filter-agh-online.txt
  name: Online Malicious URL Blocklist
  id: 1639602956
whitelist_filters:
- enabled: true
  url: https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt
  name: https://github.com/anudeepND/whitelist
  id: 1625359392

I'd suggest you just copy the name of the list and its location into the AGH interface by doing a manual list unless you are confident at editing yaml files. Even an extra space will make it barf up with config errors. (trust me... done it myself and its a pain.)

The whitelist one is quite important. Anudeep also lists a couple of other ones in case the wife likes shopping sites etc. That enables referral links etc.

AdAway Default Blocklist and Dandelion Sprout's Anti-Malware List i disabled due to some issues. I may have to check it out again at some point but the rest were ok. However his Smart TV blocker is wonderful.

What i do caution for filters is this. Start small, look at what is going on in your network, don't just add 2million filters and then wonder why your router is on fire. Its also another reason i removed my personal lists and tell people to start with the default ones the AGH team update internally.

(edit) Once you have your family filtering done and working, please feel free to document it in a post on the thread. I don't use family filtering and dont have a lot of other devices to do that kind of testing with. I'm sure others will be in your situation of requiring filtering and monitoring of the little ones and would appreciate your experience of setup etc. I could then add relevant bits to the wiki as well for others to use. #themoreyouknow :slight_smile:

2 Likes

IKR

:fire: LOL
It's a shame that there isn't a DOUBLE SOLVE button. I know who my friends are now!!

1 Like

One of the reasons i try to explain everything?

This

:rofl: :sunglasses:

2 Likes

All long help threads should have a sticky globally-editable post at the top saying 'DEAR PEOPLE FROM THE FUTURE: Here's what we've figured out so far ...'

Damn, just missed the launch of NASA's Voyager 1 by a few decades... F!

2 Likes

Thanks again for all the great help! I'll definitely get to it as soon as I sort out a couple of other issues first. My IPTV needs sorted and some issues with DDNS. I'm sure I'll get there in the end though. I'll update here when I get AGH up and running :slight_smile:

1 Like

Quick question, need to know the specific release branch and router targets people are using if the builds are failing on certain router architectures. I've poked james about it and if we can get more info we can do some investigations.

2 Likes

I think I might know what's happening. I believe master (snapshot) currently have the package missing. This could be due to the recent Go 1.18 update.https://github.com/openwrt/packages/pull/18147.

There was some foresight it might be a problem: https://github.com/openwrt/packages/issues/17508, its likely because AdGuardHome doesn't like being built with a different version of Go. Currently 0.107 stable releases require 1.17, but now OpenWrt is using 1.18 in master, which might explain the failure.

Edit: Yeah it is failing in master, there are faillogs for the package: https://downloads.openwrt.org/snapshots/faillogs/arm_cortex-a9_vfpv3-d16/packages/adguardhome/compile.txt

4 Likes

This is the exact snapshot I am using

https://asu.aparcar.org/?version=SNAPSHOT&target=mediatek%2Fmt7622&id=linksys_e8450-ubi

2 Likes

Somebody owes you a sack of MONEY for your trouble. :rofl:

1 Like

Hahaha yeah well I've probably caused most of them to be fair :sweat_smile:

It seems that maybe things might just about to get even easier. Looking at the pictures in those blogs, this appears to be a much more polished version of AGH. With better stats and parental controls. Its in beta right now but I'm rather curious as to how it will compare against AGH currently. I definatly want those stats pages etc. And I'm fairly sure the more polished parental controls would be a must for others.

Especially this one eh? just push button to do what this entire thread spawned :stuck_out_tongue:

1 Like

Thank! Haha yes that's exactly what I'm looking for :slight_smile:

I've decided to ditch the Belkin RT3200 as my main router. I'm having far too many issues trying to get it working properly. I've spent so many hours trying to get seemingly basic things working and as soon as I change one thing, something else breaks. I'm sure this is mostly caused by me, but other issues, such as the firewall time rules working, then for no reason not working? I can't get my head around it. I think what I'm going to do now is what I should have done a long time ago. Use my server which I have on 24x7 connected directly to my router for AGH. I will probably use my other OpenWRT router (Xiaomi Mi 4A Gigabit) as an access point and go from there.

The final straw for me witht the RT3200 was trying to get my IPTV to work with OpenWRT. I tried all the settings I could find, and ended up bricking the unit again. I did manage to recover it but again, I had issues with restoring from backup. I might try again when there is a stable release for the RT3200.

1 Like

igmpproxy

you may however need to alter the default config to allow from a broader connection range.
/etc/igmpproxy

list altnet 0.0.0.0/0

Thank you for that @mercygroundabyss

I've already spent many hours with igmpproxy and the changes either didn't work, or it broke other things and ended up bricking my router completely. I fully admit that this could have been something I did, but to the best of my knowledge, I was at least careful and don't recall breaking anything obvious.

I'm certainly not giving up on OpenWRT. I think I will use my lower powered Mi 4A Gigabit router seeing as I am going to run AGH from my server instead, so don't really need the extra space etc. I may just use it as an OpenWRT access point. I'm not sure yet! I'm going on a break in a few days' time, so will no doubt start poking around with OpenWRT again when I return :slight_smile:

1 Like

if you want more logging to see what's happening. put the verbose to 3 and restart it. Then you can see everything going on and just reduce it down to 1 once you have it working.

dont forget option igmp_snooping 1 on your lan bridge thou.

/etc/config/igmpproxy

config igmpproxy
	option quickleave 1
#	option verbose [0-3](none, minimal[default], more, maximum)
	option verbose 1

config phyint
	option network wan
	option zone wan
	option direction upstream
    list altnet 0.0.0.0/0           # allow everything

config phyint
	option network lan
	option zone lan
	option direction downstream

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.