Hello guys. today I just turn on my modem router (TP-Link TD-W8970 V1) and see my DNS traffic did not resolving. I tried several possible ways and I doubt if my ISP was blocked DoT and Port 853.
My OpenWRT is: 19.07.2 and I using the last version of stubby.
I find this server list at dnsprivacy.org and try to set some servers with port 443 instead of 853. This is my current
# Upstream resolvers are specified using 'resolver' sections.
option address '126.96.36.199'
option tls_auth_name 'dnsovertls.sinodun.com'
option tls_port 443
list spki 'sha256/62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4='
# option tls_cipher_list 'EECDH+AESGCM:EECDH+CHACHA20'
# option tls_ciphersuites 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256'
# option tls_min_version '1.2'
# option tls_max_version '1.3'
Is there anyway that I can make sure this problem isn't my side? and why I can't connect using port 443?
First thing I would check is that the server is still active and accepting connections. Have you seen. Any messages in the logs?
There is nothing suspicious in the Logs. How can I check if server is running and accepting requests on my localhost?
Hi, there. I think I have the same problem too, and I think it's a little bug.
I'm running OpenWRT 19.07.3 and the latest version of stubby.
My stubby config example in /etc/config/stubby is:
config stubby 'global'
option manual '0'
option address '188.8.131.52'
option tls_auth_name 'example.dns'
option tls_port 443
But /var/etc/stubby/stubby.yml no any changes:
# Autogenerated configuration from uci data
- address_data: 184.108.40.206
See? No "tls_port 443" option! I'm sure that's the WHY!
But I don't understand, the link shows /etc/init.d/stubby already supports option tls_port:
07:43AM - 03 May 19 UTC
08:58PM - 11 May 19 UTC
Some dns servers aren't bind to default ports therefore stubby supports tls_port in upstream_recursive_servers section.
The corr. resolver option in...
So I stopped stubby, added "tls_port: 443" to /var/etc/stubby/stubby.yml, run stubby in debug mode:
stubby -C /var/etc/stubby/stubby.yml -l
Wow, it worked.
PS: I tried to change "option tls_port 443" into "option tls_auth_port 443“ in /etc/config/stubby, no wonder happens. And sorry about my bad English.
Hope all of you could understand.
Great, thank you so much. Stubby is now working on custom tls_port.
Then I don't need https-dns-proxy, it's too buggy.
No problem - please do feel free to raise an issue in the openwrt-packages repo if you have issues with stubby in the future.
i hope stubby have luci app
Well, I'll sign up a Github account when I'm ready to be a developer. If Github accept Microsoft account that would be better.
It doesn't at the moment. It would be awesome if someone was to integrate stubby with luci though.