OpenWRT - Configure DNS-over-HTTPS (DoH)
In this video, we are going to configure DNS over HTTPS on OpenWRT LuCI to secure the DNS queries that come from LAN devices to the internet. If you want configure DNS-over-TLS, you can check out the tutorial on the link below.
In order to configure DoH, we will need 2 main packages - dnsmasq which is the default DNS resolver for OpenWRT and https-dns-proxy. Besides, you will need luci-app-https-dns-proxy in order to monitor & configure DoH on LuCI. https-dns-proxy uses Google and Cloudflare as default DoH providers and we are fine with that.
Videotimeframe:
00:00 - DNS-over-HTTPS with Dnsmasq and https-dns-proxy
00:36 - Install required packages
01:52 - Access https-dns-proxy on LuCI
03:28 - DNS leak test
04:23 - Setup our your preferred DoH provider
04:55 - Force DNS request to port 53 to https-dns-proxy
Custom Firewall rule:
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5053
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5053
ptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5054
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5054
Resources:
Configure DNS over TLS on OpenWRT - https://youtu.be/C89VqK1Unb0
DoH with Dnsmasq and https-dns-proxy on OpenWRT - https://openwrt.org/docs/guide-user/services/dns/doh_dnsmasq_https-dns-proxy
Thanks for watching and see you in the next video!
Видео OpenWRT - Configure DNS-over-HTTPS (DoH) канала Van Tech Corner
In order to configure DoH, we will need 2 main packages - dnsmasq which is the default DNS resolver for OpenWRT and https-dns-proxy. Besides, you will need luci-app-https-dns-proxy in order to monitor & configure DoH on LuCI. https-dns-proxy uses Google and Cloudflare as default DoH providers and we are fine with that.
Videotimeframe:
00:00 - DNS-over-HTTPS with Dnsmasq and https-dns-proxy
00:36 - Install required packages
01:52 - Access https-dns-proxy on LuCI
03:28 - DNS leak test
04:23 - Setup our your preferred DoH provider
04:55 - Force DNS request to port 53 to https-dns-proxy
Custom Firewall rule:
iptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5053
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5053
ptables -t nat -A PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 192.168.1.1:5054
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 53 -j DNAT --to 192.168.1.1:5054
Resources:
Configure DNS over TLS on OpenWRT - https://youtu.be/C89VqK1Unb0
DoH with Dnsmasq and https-dns-proxy on OpenWRT - https://openwrt.org/docs/guide-user/services/dns/doh_dnsmasq_https-dns-proxy
Thanks for watching and see you in the next video!
Видео OpenWRT - Configure DNS-over-HTTPS (DoH) канала Van Tech Corner
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Mở hộp Ticwatch S2 - Thể thao, chống nước 5 ATMQuick Unbox Samsung Galaxy S10VLOG 001. MALAYSIA - A MONTH IN KUALA LUMPUROpenWRT - Intel N5105 Router PC WiFi Module Install & Configuration (QCA9880)ORICO UFSD Flash Drive - Overview & Benchmark (USB A, 128GB)Install OpenWRT on Aruba AP-175NanoPi R6S Bootup - Firmware Update (eMMC) - PPPoE SpeedtestCAMERON HIGHLANDS TEA PLANTATION CINEMATIC DRONE FOOTAGENanoPi R6S - Wireguard & OpenVPN Throughput TestOpenWRT - Install OpenWRT on Xiaomi CR6608 RouterOpenWrt 22.03 - File Sharing with Samba4 - NVMe NAS test with NanoPi R6CHabanero DVK Overview and OpenWRT Initial SetupNanoPi R6S SQM QoS Throughput (Torrent/iperf3/OpenSpeedTest)Beryl AX Real Life WiFi Performance Test (GL-MT3000)Setup Zyxel NWA50AX Access Point with Nebula Mobile AppLinksys WRT1900AC V1 (throughput) is broken after DSA migration (OpenWrt 21/22/23)GL-iNet Flint 2 - WiFi6 Throughput Test with FW V4.5.8 (Huge Improvement)OpenWRT - UniFi AP Revert to Stock FirmwareNanoPi R6C - Power Consumption & Throughput TestClean Yellowed Unifi AP/ Plastic with Hydrogen PeroxideOpenWrt - Raspberry Pi 5 handles 2.5Gbps smoothly (using USB 3.0 to 2.5GbE adapters)