Dear Specimen,
Hello and I hope that you are well. I communicated to you earlier ( if you remember ) that I should be more " open-minded ". So with that in mind, I followed your guide and went ahead and followed your very informative guide and set up DNS OVER TLS using just stubby and dnsmasq.
Things went very well overall. I did not install this to ram - I used my WRT1900ACS V2 with USB drive attached. Also, I use a VPN client so I hit a small hiccup there but was able to get over that small hurdle.
I wish to commend you on a fine guide / tutorial and I wonder if you would mind writing up a similar tutorial which is designed for a more standard setup using Stubby and DNSMASQ in mind. Specifically, I would address with VPN piece as many users implement this option in addition to DNS encryption.
I propose a separate tutorial as I increased cache size for dnsmasq and other features and do not wish to step on your work rather to enhance it for others who may have more standard memory and storage options available on their routers while running OpenWrt.
Call it a collaboration. In any event - thanks for your work. As I said earlier, I am all about advancing DNS OVER TLS ( DNSPRIVACY ) for all. See some of my other work here:
https://forum.netgate.com/topic/130832/solution-posted-dns-tls-getdns-stubby-from-pfsense-freebsd-ports
https://forum.opnsense.org/index.php?topic=8579.0 https://forum.opnsense.org/index.php?topic=8759.0
Proper Setup For New Native Unbound DNS-Over-TLS Feature Starting With UNBOUND 1.7.1
Call me a proponent and advocate for internet freedom - again - I thank you for your work.
Peace,
directnupe