[SOLVED] Upgrading dnscrypt-proxy v1 to v2

outofscope · June 14, 2018, 4:16pm

Hi all,

I have a WRT1900ACv1 that is flashed with @davidc502 custom firmware.

I am in the process of upgrading dnscrypt-proxy to the newer v2 using the following guide :

https://davidc502sis.dynamic-dns.net/dnscrypt/

However, due to my lack of understanding, I am having some difficulty interpreting one of the instructions on line # 7 of the guide and I am hopeful that someone will be able to help point me in the right direction

Where it states "In Luci Forward DNS requests to 127.0.0.1#5353.", I am uncertain of where I actually need to navigate to in order to enter this information as there is a port #5353 tagged onto it. My initial interpretation was to enter them in:

Interfaces / LAN / General setup -> Use custom DNS servers -> 127.0.0.1
Interfaces / WAN / General setup -> Use custom DNS servers -> 127.0.0.1

But there is no placeholder field to enter the port number!

Could someone running the same build with dnscrypt-proxy v2 please help by clarifying what I actually need to do to complete this step?

Thanks,
~ Tala ~

davidc502 · June 14, 2018, 4:27pm

I'm not in my LAN right now, but when I get home I can take a screenshot.

Essentially, under General Setting just copy and paste the following "127.0.0.1#5353" into the forward text box and save.

wrtboy · June 14, 2018, 4:52pm

what does your toml file show for listen_addresses = ?

davidc502 · June 14, 2018, 6:23pm

If it was taken from the davidc502sis site then it will listen on 5353

It's good to see people go through this as I'll improve the instructions accordingly.

wrtboy · June 14, 2018, 7:38pm

then your toml file should contain a line like this:
listen_addresses = ['127.0.0.1:5353']

you can then enter them in through LuCI:
Interfaces / LAN / General setup -> Use custom DNS servers -> 127.0.0.1
Interfaces / WAN / General setup -> Use custom DNS servers -> 127.0.0.1

no need to input the port number since the toml file is already configured to listen to port 5353.

Kherby · June 14, 2018, 8:38pm

Is there any good reason to update to v2 ?
I'm using v1 for quite a while without any problems...
What's better with v2 ?

spuriousoffspring · June 14, 2018, 9:30pm

dnscrypt v2 automatically chooses the best resolver based on speed.

wrtboy · June 14, 2018, 10:06pm

also there are plenty of dnscrypt servers to choose from and v2 automatically chooses the fastest resolver.
https://dnscrypt.info/public-servers/

Kherby · June 15, 2018, 1:27am

Sounds good but i can still set the servers myself ? Im very happy with the servers which i manually picked....

outofscope · June 15, 2018, 6:23am

@davidc502 - That is correct. All files were downloaded from your instruction set. I checked the toml file as suggested by @wrtboy and verified that the listening address was 127.0.0.1#5353 and the fallback resolver was 1.1.1.1.

After following the instructions from @wrtboy by entering 127.0.0.1 in the WAN and LAN interfaces, I received positive configuration check results when performing the dnscrypt-proxy -config /etc/config/dnscrypt-proxy.toml -check test.

Is there any reason why I am not seeing dnscrypt-proxy log entries inside my syslog? Also, for housekeeping, can I delete the old dnscrypt-proxy config file that contains:

Config global

config dnscrypt-proxy 'ns1'
	option address '127.0.0.1'
	option port '5353'
	option resolver 'dnscrypt.ca-2'

config dnscrypt-proxy
	option address '127.0.0.1'
	option port '5354'
	option resolver 'ipredator'

Thanks,
~Tala~

kidcuauh · August 12, 2018, 7:22am

The differences between v1 to v2 are bigger than what I thought:

tmomas · August 19, 2018, 7:22am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.