i figured it out. ntp is blocked so the router time/year is wrong. since the time is wrong; the certificates was invalid and could not be established. This probably would not affect most users. Just an fyi.
It looks like google added dns over tls. Should test it.
Well if privacy is your concern... Use Google DNS is bad... VERY BAD...
try https_dns_proxy opkg update opkg install https_dns_proxy
I don't understand. This is a response to what?
I assume whoever wrote that was trying to point out that you can just get most of this out of the box with the https_dns_proxy, though there are downsides as it only supports a single https end point out of the box.
Using it with quad9 I've found that there are odd failures also, which as a result occasionally lead to lookup failures that take some time to bleed out of the system due to caching.