Any chance of adding DNS over HTTPS to Gargoyle?

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

Moderator: Moderators

tapper
Moderator
Posts: 1067
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Any chance of adding DNS over HTTPS to Gargoyle?

Postby tapper » Fri Jul 12, 2019 6:49 pm

Hi Any chance of adding DNS over HTTPS to Gargoyle?
The package is in the OpenWrt packages git It would just mien righting a script to make the changes to /etc/config/dhcp and exposing it to the GUI. I think. :)
Linksys WRT1900AC V2 Gargoyle 1.11
Linksys WRT3200ACM OpenWrt Snapshot

RomanHK
Posts: 488
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby RomanHK » Sat Jul 13, 2019 4:57 am

I don't think anything like that will support Gargoyle. I tried DNS over TLS here: viewtopic.php?f=5&t=11924 and I wasn't successful. The Unbound Resolver application works well in the router. You can try DNS over TLS with the Unbound application. I can do a step-by-step Unbound installation guide.
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0

tapper
Moderator
Posts: 1067
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby tapper » Sun Jul 14, 2019 7:01 pm

Yes I meen DNS over TLS. You can do it with dnsmasq with the package called https-dns-proxy.
https://openwrt.org/docs/guide-user/ser ... -dns-proxy
Linksys WRT1900AC V2 Gargoyle 1.11
Linksys WRT3200ACM OpenWrt Snapshot

RomanHK
Posts: 488
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby RomanHK » Mon Jul 15, 2019 1:35 am

As I wrote (viewtopic.php?f=5&t=11924&start=20#p53245), the DNSMASQ (full) DNSSEC application disappointed me and did not validate correctly :( , here you can try it: https://rootcanary.org/test.html

That is. transmission would only be encrypted with HTTPS protocol but would not be properly validated by DNSSEC, so I will still stay with UNBOUND ;) .
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0

tapper
Moderator
Posts: 1067
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby tapper » Mon Jul 15, 2019 11:38 am

Hi I installed the https-dns-proxy in Gargoyle and it works grate You are rite about the TLS part tho. I am going to have ago at installing stubby. I will let you know how I get on. Btw on a DNS testing page it says that dnsmasq does dns ecc rite.
AT https://dnssec.vs.uni-due.de/
It says:
Yes, your DNS resolver validates DNSSEC signatures.
Linksys WRT1900AC V2 Gargoyle 1.11
Linksys WRT3200ACM OpenWrt Snapshot

tapper
Moderator
Posts: 1067
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby tapper » Tue Jul 16, 2019 5:20 pm

Hi after testing DNS over HTTPS and Stubby they both work just fine with DNSMasq. I all so tested them both with the adblock pluggin and it works for me. From What I am reading on the web it seems like DNS over HTTPS is geting used more by big projects like Firefox and the like. If DNS over HTTPS is getting used more then I think Gargoyle should use DNS over HTTPS.
Linksys WRT1900AC V2 Gargoyle 1.11
Linksys WRT3200ACM OpenWrt Snapshot

RomanHK
Posts: 488
Joined: Sat May 04, 2013 4:18 pm
Location: Czech Republik

Re: Any chance of adding DNS over HTTPS to Gargoyle?

Postby RomanHK » Tue Jul 16, 2019 5:39 pm

O.K. as I wrote, it depends on the user what they choose ;) .

DNS over HTTPS can be implemented as a plugin and can be further improved (fixes, improvements, ...). Another reason is the absence of free FLASH in older routers, so as a plugin is probably a good idea.

Observe carefully LOG, because a bad validation message appears from time to time, exceeding DNS packet size and STUBBY has a MX record problem (not always).
Turris Omnia with Gargoyle 1.12.0
Linksys WRT3200ACM with Gargoyle 1.12.0
TL-WR1043ND v2 with Gargoyle 1.10.0


Return to “General Discussion”

Who is online

Users browsing this forum: No registered users and 12 guests