i tested first to see if DNScrypt was working with the quad 9 serv i set , I disabled everything else, then i followed the instructions on how to setup Anonymized DNS
how i verified it was working was by going to the quad 9 tests site to see if my default isp dns had been changed to quad 9 and it said yes i am on quad 9
next i edited the toml file and added the section for Anonymized DNS and put in one serv and two relays and saved the file and restarted dnscrypt
to test if that is working i found these instructions:
"After applying above changes, restart the dnscrypt-proxy
service and check the logs and/or status - there should be the following information:"
[NOTICE] Anonymized DNS: routing everything via [anon-cs-fr anon-bcn]
in this thread the problem seems to be resolved by changing the port on the listening address?
i could not reply to that thread and i wanted to ask the OP how was the new port number choose? does it need to match something or does it not matter, and where do i change that info at?, im still learning alot of this, thanks for any help, very much appreciated
Yes. [FATAL] No servers configured would be first place to start.
Essentially, your .toml is corrupt and your procd init script has failed to create a running instance.
Not relevant to your issue. By default dnscrypt-proxy2 listens on 127.0.0.53:53.
I suggest you restart with a fresh OOB .toml and re-establish a functioning dnscrypt-proxy2 instance that sends your DNS queries via quad9 DNSEC server.
thank you for the reply, the github guide you linked is the one i followed to setup dnscrypt v2 on my router
i see you have some ways to test each step if its working, should i reset the router and start over?
as of right now im connected to the internet using this site now on my wrt router and when i check the quad 9 site is says im on quad 9 so it appears that dnscrypt is working its just the anonymized part that is not working or am i wrong about that?
the server_names is wrong, there is no quad9-, here's a list of valid dnscrypt-proxy2 public servers. Look for quad9 servers in the list and use whatever suits your needs.
i copied and pasted that from the quad 9 toml file on the quad 9 site, and when i use the quad 9 test site it shows that i am now using quad 9, so i think that the dnscrypt serv is working, its the anonymized part that is not working, i could totally be wrong this is just my assumption
here is what i pasted at the bottom of my toml file
For example, if prefix is set to main and that list includes a resolver called example, the name main-example should be used as the resolver_names value instead of example.
quad9- is a prefix for the resolver names included in the list you defined.
Since Quad9 servers are included in the public resolver source you don't need the source you added. you just add the correct server name to server_names .
If you want to use all the servers and only those in the quad9 list, make sure you comment the public list source, and use server_name="*" for the anonymized portion of the config.
That is to be expected, I don't know exactly know what it does but if I have to guess they disable DOH on firefox by blacklisting use-application-dns.net.
originally when i followed the guide to setup dnscrypt v2 every step worked up until:
Edit /etc/config/dhcp:
config dnsmasq
# Ignore ISP's DNS by not reading upstream servers from /etc/resolv.conf
option noresolv '1'
# Ensures that /etc/resolv.conf directs local system processes to use dnsmasq and hence dnscrypt-proxy
option localuse '1'
# Disable dnsmasq cache because we don't want to cache twice and the dnscrypt-proxy cache is superior
option cachesize '0'
after applying these settings i had no internet connection at all so i reverted them, when i use dns leak checking sites now it does now show my isp IP so i am assuming that the isp resolvers are not being used, how would you recommend i verify that everything is working proper and my isp is not involved
also am i supposed to mark this thread as solved now or does someone else do that? thanks again you rock