AdguardHome timezone

[SomeWhereOverTheRainBow]

Yup. I added the Cloudflares malware blocking dns also. I used to have it in WAN settings.


I truly hope! I really wish to get Adguard and Wireguard to work together.

This is important for wireguard configuration:

Post in thread 'Asuswrt-Merlin-AdGuardHome-Installer (AMAGHI) cont.' https://www.snbforums.com/threads/asuswrt-merlin-adguardhome-installer-amaghi-cont.79862/post-844983

 

[zer0bitz]

Your router hates you, by the way. Poor thing never imagined such hard life.

Lol! I used to run FreeNAS with ZFS but it was too much for my brain. SMB im familiar with so easy to stick with it.

 

[Tech9]

Hopefully it fits.

 

[zer0bitz]

Hopefully it fits.

View attachment 50693

Easily.

 

[SomeWhereOverTheRainBow]

Hopefully it fits.

View attachment 50693

Yep, that is how they are transported these days.

 

[Tech9]

How's the AdGuard Home UI on RT-AX56U, @zer0bitz? I could see a difference in response between RT-AX86U installation and x86 board installation. There was a difference in processing time as well to the same upstream servers. Not really noticeable with Internet browsing, but in ms reported.

 

[ElmerFudd]

Some random reboots have occured. Diversion I had disabled since I wanted to try out AdGuard. Installation is now done, but im wondering to get Cloudflares DoT to work. I did put: "tls://1dot1dot1dot1.cloudflare-dns.com" into the Upstream DNS Servers but when going to 1.1.1.1/help it is saying that DoT is not working.

Domain names don't always seem to work well (exception quad 9) when configuring the upstream DNS servers but IPs with port number worked great for me. Leave DNS SEC on with the following upstream servers (I use the list in parallel to always get fastest response (am averaging 4ms) :

tls://1.1.1.1:853
tls://8.8.8.8:853
tls://dns.quad9.net
tls://1.0.0.1:853
tls://8.8.4.4:853
tls://149.112.112.112:853


I have tested extensively with 1.1.1.1/help and always get DOT test successful. Cloudfare does not always return fastest response for me.... with parallel requests turned on, the fastest response rotates between cloud fare, google, cloud 9.

 

[zer0bitz]

How's the AdGuard Home UI on RT-AX56U, @zer0bitz? I could see a difference in response between RT-AX86U installation and x86 board installation. There was a difference in processing time as well to the same upstream servers. Not really noticeable with Internet browsing, but in ms reported.

Really liking it. It is really easy to use and search around the query log. For me I feel like browsing and loading times have reduced just a slight.

 

[zer0bitz]

Domain names don't always seem to work well (exception quad 9) when configuring the upstream DNS servers but IPs with port number worked great for me. Leave DNS SEC on with the following upstream servers (I use the list in parallel to always get fastest response (am averaging 4ms) :

tls://1.1.1.1:853
tls://8.8.8.8:853
tls://dns.quad9.net
tls://1.0.0.1:853
tls://8.8.4.4:853
tls://149.112.112.112:853


I have tested extensively with 1.1.1.1/help and always get DOT test successful. Cloudfare does not always return fastest response for me.... with parallel requests turned on, the fastest response rotates between cloud fare, google, cloud 9.

I will try this if I start to notice problems with my current config. Thank you!

 

[Tech9]

I use the list in parallel

You use all of them, a mix of filtered and unfiltered?

 

[ElmerFudd]

You use all of them, a mix of filtered and unfiltered?

Cloudfare (unless configured) , Google, Quad9 do not filter.

All of them using the parallel setting. Fastest response is most important for me, Selection was best compromise for privacy considering all the dns providers selected do not keep logs more than 24 hrs. If I ever was really worried about being a stealth covert ninja, their are solutions for that. However, I have yet to have the need.

 

[Tech9]

There is unfiltered Quad9:

9.9.9.10
149.112.112.10

No processing, may be faster.

 

[ElmerFudd]

There is unfiltered Quad9:

9.9.9.10
149.112.112.10

No processing, may be faster.

Thanks, I will check it out. Have not had a problem with traditional quad 9 though.

 

[vlord]

Thanks, I will check it out. Have not had a problem with traditional quad 9 though.

I tested with the unfiltered quad9, and for me, it was significantly slower. Any particular reason why your list order contains primary service IPs first then followed by secondary? Because they are all parallel queries, I would expect the ordering doesn’t make any difference.

BTW - thank you for your research. Your list of DNS servers reduced my average dns processing time from a couple hundred milliseconds to ~10ms on average.

 

[ElmerFudd]

I tested with the unfiltered quad9, and for me, it was significantly slower. Any particular reason why your list order contains primary service IPs first then followed by secondary? Because they are all parallel queries, I would expect the ordering doesn’t make any difference.

BTW - thank you for your research. Your list of DNS servers reduced my average dns processing time from a couple hundred milliseconds to ~10ms on average.

Ordering makes no difference, it was simply the way I organized them for future reference.

Thank you for testing alt quad 9. From what I’m reading, primary only filters reported malicious sites so that’s good for me. You welcome, I played a lot with that list and got my time down to 7 milliseconds overs a 1 month average. I’m fairly close to the main sites though being near DC so that helps.

 

[vlord]

Ordering makes no difference, it was simply the way I organized them for future reference.

Thank you for testing alt quad 9. From what I’m reading, primary only filters reported malicious sites so that’s good for me. You welcome, I played a lot with that list and got my time down to 7 milliseconds overs a 1 month average. I’m fairly close to the main sites though being near DC so that helps.

I know this topic has morphed from the original but after doing some additional testing, I've rotated out google and rotated in NextDNS. It's consistently beating every other resolver for where I live. You can test the response time by going [here|https://ping.nextdns.io/]. Cloudfare is coming in 2nd and quad 9 is third. I rarely, if ever, see resolutions from google. My config is to send parallel requests.

Current DNS resolver list:

# Cloudfare
tls://1.1.1.1:853
tls://1.0.0.1:853
# Google
#tls://8.8.8.8:853
#tls://8.8.4.4:853
# Quad 9
tls://9.9.9.9:853
tls://149.112.112.112:853
# NextDNS
tls://dns.nextdns.io

Edit: One other item I forgot to mention is that you can test NextDNS resolution [here|https://test.nextdns.io/]

 

[ElmerFudd]

I know this topic has morphed from the original but after doing some additional testing, I've rotated out google and rotated in NextDNS. It's consistently beating every other resolver for where I live. You can test the response time by going [here|https://ping.nextdns.io/]. Cloudfare is coming in 2nd and quad 9 is third. I rarely, if ever, see resolutions from google. My config is to send parallel requests.

Current DNS resolver list:

# Cloudfare
tls://1.1.1.1:853
tls://1.0.0.1:853
# Google
#tls://8.8.8.8:853
#tls://8.8.4.4:853
# Quad 9
tls://9.9.9.9:853
tls://149.112.112.112:853
# NextDNS
tls://dns.nextdns.io

Edit: One other item I forgot to mention is that you can test NextDNS resolution [here|https://test.nextdns.io/]

Thank you for the update. An important consideration with respect to Next DNS is what they do with your data. For some people it’s important, others not.

https://www.reddit.com/r/nextdns/comments/ju2hfw

The reason why I stuck with google, Cloudfare, and Quad 9 was they had great privacy policies.

Glad to here Parallel is helping out. It was a game changer once I learned about that hidden gem in these forums.

 

[vlord]

Thank you for the update. An important consideration with respect to Next DNS is what they do with your data. For some people it’s important, others not.

https://www.reddit.com/r/nextdns/comments/ju2hfw

The reason why I suck with google, Cloudfare, and Quad 9 was they had great privacy policies.

Glad to here Parallel is helping out. It was a game changer once I learned about that hidden gem in these forums.

Looks like they changed it back within a day to the original policy. If you look at the first stickied comment in the thread you linked, they state:

We were waiting to add the final GDPR notice regarding processors at the bottom, the 1. is now back to what it was yesterday, and we now list the third-party technical service providers we use and why we use them.

The goal of our privacy policy is to be both accurate and easy to understand, we hope that's the case as of now, if not, please suggest what we could additionally clarify.

In more complex terms as we've seen those questions and didn't get a chance to answer them:

• we NEVER shared ANY logs/ip/devices data with ANYONE.
• we NEVER shared the email address associated with your account with what's called a controller under GDPR.
• we use technical service providers like Stripe (when you pay with card) or SendGrid (when you request a reset password email), and while they do see/store your card info or email to be able to provide us with their service, they are what's called processor under GDPR (or service provider under CCPA), and they can't do anything with that data. Same thing applied for our support chat (Intercom), that we have now removed.

Having read through the thread and [NextDNS’s privacy policy|https://nextdns.io/privacy], it seems pretty tight to me, in line, if not better than others. Do you have specific concerns with their policy?

 

[SomeWhereOverTheRainBow]

Looks like they changed it back within a day to the original policy. If you look at the first stickied comment in the thread you linked, they state:



Having read through the thread and [NextDNS’s privacy policy|https://nextdns.io/privacy], it seems pretty tight to me, in line, if not better than others. Do you have specific concerns with their policy?

I personally would skip nextdns. You would be better mixing a variety of servers which you would be querying directly, than using nextdns which backdoors off of the same servers. You have to remember that your requests are cached. You can enable builtin adguardhome optimization cache features such as optimistic caching. You can change the ttl values for longer caching as well.

e.g. of a good mix

https://doh.cleanbrowsing.org/doh/security-filter/
tls://security-filter-dns.cleanbrowsing.org
https://security.cloudflare-dns.com/dns-query
tls://security.cloudflare-dns.com
https://dns.quad9.net/dns-query
tls://dns.quad9.net

 

[zer0bitz]

I need some help with my DNS servers.

These are the ones im using currently, but when ever I run https://dnscheck.tools/ I can see my ISP's DNS in the list. What can I delete from my upstream DNS list to avoid getting my ISP DNS in the dnscheck.tools results?

Edit: Found solution. I had automatic dns server enabled in WAN settings. All good now!