thanks for the tip, i can handle it slowing a down a bit im sure its better then tor for my threat model, i seen somewhere load balancing mentioned and even distribution of dns requests to all providers, but when i was reading the documentation it seemed that dnscrypt would just choose the fastest dns provider
Take your time and read and then re-read the .toml
. It’s your best documentation. FWIW, don’t make mass changes until you get a feel for it. It’s easier to revert single steps
ya that was my original mistake now ill do one at a time, there is alot of options that appear to effect privacy and security
I had dnscrypt-proxy2 running on my OpenWrt 22.03 for a while, works pretty well. The setup is simple, just edit the default /etc/dnscrypt-proxy2/dnscrypt-proxy.toml file, modify the server_names line to:
server_names = ['quad9-dnscrypt-ip4-filter-pri', 'quad9-doh-ip6-port443-filter-pri']
and listen_addresses line to:
listen_addresses = ['127.0.0.53:53', '[::1]:5353']
Then set your dnsmasq upstream to match the listen addresses above. (you can use ipv4 if you don't use ipv6, or use a different loopback ip/port, it's up to you)
So you can close this thread with the best solution