What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Bell home internet users with Asus routers - does DoT work for you?

RMerlin said:
That won't last. Blocking DoH is just as trivial as blocking DoT. It's been on my ToDo list for over a year now (as part of DNS Director's blocking of outside DNS servers), and got sidelined by the large amount of work involved in the 3006 merge. An ISP who wants to block DoT can just as easily also block DoH.

As for adding DoH support, as I said, stubby/getdns does NOT support it, and their development seem to be dead at this point, so it's not going to happen anytime soon. The one alternative I found had a ton of external dependencies making it too much work and wasted flash space for it to be worth my time.
Click to expand...

First off - in case folks missed my earlier comment - I'm not in favor of DoH...

Get the HTTPS DNS Proxy - code exists here...

github.com

GitHub - aarond10/https_dns_proxy: A lightweight DNS-over-HTTPS proxy.

A lightweight DNS-over-HTTPS proxy. Contribute to aarond10/https_dns_proxy development by creating an account on GitHub.
github.com github.com

This uses DNSMasq, not unbound/stubby that is needed for DoT

Then the firewall rule for DNS intercept and redirect all DNS traffic back to the router/gateway...

To your point, this adds another layer of complexity around the DNS resolver implementation on AsusWRT, so there are bounds...
 
There's also the Browser issue - Chrome uses DoH by default, and it leverages their cloud - so to blackhole that, one would have to block their entire IP range...

Or use a policy on the browser itself...

To disable DoH on Chrome:

  1. Open the Google Chrome browser.
  2. Go to the Security settings. Complete these steps:
    1. In the address bar, enter <span data-testid="SyntaxHighlighter">chrome://settings/security/</span>.
    2. In the Advanced section, disable Use Secure DNS.
 
sfx2000 said:
Get the HTTPS DNS Proxy - code exists here...
Click to expand...
That's the alternative I mentionned. Has multiple dependencies. Needs c-ares, libev, nghttp2 (and I stopped looking at that point, so these might also have dependencies of their own).
 
You must log in or register to reply here.

Similar threads

TheLyppardMan
Problem getting WireGuard to work on my Windows laptop
Replies
5
Views
464
TheLyppardMan
TheLyppardMan
S
Asus RT-AX88U internet speed slows down after a few days
2
Replies
30
Views
2K
scandalous
S
R
Asus Tuf AX6000 disconnections
Replies
9
Views
2K
ronins
R
C
Had trouble setting up ASUS BE98 Pro
Replies
1
Views
644
jzchen
J
K
OpenVPN on Asus Router (DSL-AC88U) - No internet for client
Replies
2
Views
1K
KingsGambit
K
Similar threads
Thread starter Title Forum Replies Date
J Is there a way to disable the flashing alert bell in top right corner? Asuswrt-Merlin 4
Philip Bondi HOWTO: Bell Fibe with Private Cloud; port forwarding; email, web & Plex servers running! Asuswrt-Merlin 1
Philip Bondi Bell Fibe (Canada) with Asus RT-AX88U Pro running firmware 3004.388.8_4 appears throttled Asuswrt-Merlin 15
C Remote home access, using Wireguard Asus AX86U and GLiNet Beryl AX Asuswrt-Merlin 11
D Home Network Upgrade with Asus BT10 (after exploring BE88u) & AX-58U as AiMesh Node - Inputs ? Asuswrt-Merlin 41
A Adguard Home and clients of subnet (wireguard tunnel) Asuswrt-Merlin 19
K Going from Home to Small business (NAS+CCTV) - AiMesh and possible managed switch Asuswrt-Merlin 8
L "Maximum number of concurrent DNS queries" with strange lb._dns-sd._udp. ... .in-addr.arpa reverse DNS queries (has Pi running Adguard Home + Unbound) Asuswrt-Merlin 2
fafot Solved Constant Apple Home random disconnections Asuswrt-Merlin 2
B Solved What VPN Director rule should i use to be able to connect outside my home to my VPN provider? Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 840 (members: 16, guests: 824)
Back
Top