A combination modem-->router-->wifi AP box is called a Home Gateway in the industry.
The primary market for them is not retail. They are bought in quantity by ISPs, then rented or otherwise supplied to customers. If your ISP is providing such a box without extra charge you can continue using it, but the important thing is that you look at it as being part of the Internet, and thus it can't be trusted. Treat the ISP box as a converter from Ethernet to DSL, and provide your own router with secure firmware. Your router and endpoints should be encrypting everything before reaching the modem, and firewall out any connections from outside.
I know how to encrypt my dns queries with DoH as you stated but what about other stuff? or it's only thing i do is dns encrypt ?
And can't i just use my openwrt router behind my modem itself? would it be same setup as using it behind my isp's router? (as again i hate my isp's router and want to really hammer it)
If your browser shows a padlock next to thr URL, the data exchanged with the site is being encrypted, you don't need to do anything else. DNS is the only thing that your clients might not encrypt, by default.
Sure you can, and yes, it'd be the same kind of setup.
Okay okay i know i asked a lot, mostly stupid questions but minor more question because after thinking i wanted yes to use modem and new router only and after i think i see i can't do my router behind modem right? so putting my new openwrt router behind my isp router is not an option for me so it will be only modem and openwrt router and my question now is can i achieve privacy/security by that? by using my closed source modem -> my open source router (with encrypted dns), would it achieve same results as putting my openwrt router behind my isp's router?
and thanks, i mean it thanks to you and all people who replied to me it means a lot to me <3
Yeah sometimes like now i get paranoid, i usually take days to chill again
And alright, i just installed dnscrpyt proxy and enabled DoH (actually better, https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Oblivious-DoH) so it's ODoH actually and i remember you said before that it's fine to use modem as most connections are encrypted already so hmm i think i'm fine now
Again thanks for help and we might meet again because i'm sure i will find difficulties trying to install openwrt so until that happen be safe
The TD-8816 can be set-up as eitherBridge mode or Router-PPPoE mode. Bridge mode is used when it will be connected to a separate router. Router mode is used when it will not be connected to a separate router. I used this modem/router in bridged mode a decade ago, before VDSL2. The DSL-520B also does bridging.