AdGuardHome Few questions about AdGuard Home Install Script

[ImGettingTooOldForThis]

Can someone help me understand what the questions below by the installer script mean?

=>  Do you want to redirect all DNS resolutions on your network through to AdGuardHome? [y/n]: y
 Info:  You can choose to keep any custom dnsfilter values by only redirect non-custom traffic or send all traffic through to AdGuardHome.
 =>  Do you want to redirect only NON-CUSTOM DNS resolutions on your network through to AdGuardHome? [y/n]: n
 Info:  DNS is set to redirect All DNS resolutions through to AdGuardHome.
 =>  Do you want to run AdGuardHome as a local caching DNS service which includes router traffic? [y/n]: y

I’m not sure I fully understand them and hope that I have it enterted them correctly. All seems to work fine, I just want your opinion. I have AdGuard VPN and DNS as well, I’m using my ‘private’ (device-bound) DNS-servers as upstream DNS-servers and the public ones as bootstrap. I don’t fully understand what is meant by NON-CUSTOM DNS, and I’m not sure why the script asks me whether I want it to handle all DNS requests (as local clients still seem to be handled by dnsmasq) and why would or wouldn’t I want AdGuard Home to function as local cache? This will only speed up DNS-queries, right? And lastly, optimistic caching is disabled by default, can anyone shed some light on that? I assume that it improves speed unless it queries and expired address and has to request an upstream server anyway. But how big are the odds that that happens?

Thanks in advance.

Best regards,
Marco

 

[Zastoff]

The setting make you able to use dns-director in router gui, those will not be forced to use adguard home

 

[ImGettingTooOldForThis]

Thanks for your reply. Which setting do you mean? I already have DNS Director enabled pointing to the router itself, DNS 1 contains the routers local IP. I just don’t quite understand what the settings I posted previously exactly mean (what are NON-custom DNS-queries for example?) and whether optimised caching is something I would benefit of, or it would slow things down, as it isn’t enabled by default.

 

[Zastoff]

@SomeWhereOverTheRainBow can explain better.
The second question in the install script can disable(change nvram values for dns-director) specific client (if used) and make them use adguardhome depending on the Y/N answer.

 

[Tech9]

And lastly, optimistic caching is disabled by default

Keep it disabled for more accurate DNS resolution.

If you use Unbound you may disable AdGuard Home caching all together.

What router model? Don't overdo it with too large block lists. AdGuard Home needs RAM. Routers have limited resources hardware.

 

[ImGettingTooOldForThis]

What router model?

AGH is running on my RT-AC86U with a very basic setup. I will add that to my signature, as I had with my previous accounts. I had Unbound installed, but ran into some issues. As I skipped several of Merlin’s versions, I will make a fresh start some time soon to start from scratch.

Best regards,
Marco

 

[Tech9]

This router has unresolved software bug affecting some user scripts.

Stuck commands

Has anyone else observed any "stuck" commands on their router since upgrading to 386.x? Below is a frequent occurrence of the wl command getting stuck being spawned by conn_diag (this process was created at 4:10 AM). But I've also seen it happen with some nvram get commands (I once had Skynet...

www.snbforums.com

It also has common hardware issues. Hopefully yours is a good unit.

Router temperatures

yes, and even the slightest bit helps. I had wired a 120mm 12v fan to a usb plug and taped it on my 86U and got 66C temperatures. This last time, I just set it standing on its edge about 4 to 5 inches away, not "pointed" at the chip, just towards the router, and that got me the same 66C temps...

www.snbforums.com

 

[ImGettingTooOldForThis]

This router has unresolved software bug affecting some user scripts.

Stuck commands

Has anyone else observed any "stuck" commands on their router since upgrading to 386.x? Below is a frequent occurrence of the wl command getting stuck being spawned by conn_diag (this process was created at 4:10 AM). But I've also seen it happen with some nvram get commands (I once had Skynet...

www.snbforums.com

It also has common hardware issues. Hopefully yours is a good unit.

Router temperatures

yes, and even the slightest bit helps. I had wired a 120mm 12v fan to a usb plug and taped it on my 86U and got 66C temperatures. This last time, I just set it standing on its edge about 4 to 5 inches away, not "pointed" at the chip, just towards the router, and that got me the same 66C temps...

www.snbforums.com

Good to know about the unresolved bugs.

As for the other thread you quoted, I found previous posts of (at least) two of my previous accounts, to which I no longer have access. Including some posts of you lecturing me about shopping lists and my overpriced (Noctua) solution However, she’s still going strong… good to see you’re still around @Tech9!

Best regards,
Marco

 

[Tech9]

I remember you. And you're not getting too old for this.

 

[ImGettingTooOldForThis]

@SomeWhereOverTheRainBow

Would you be so kind to assist me (see 1st post). Because I'm just unsure whether I configured the installer for AGH correctly and I can't find answers to my questions using Better Search.

I want all DNS queries to go through AGH (does that mean that even if a device has hard-coded DNS, they will be re-routed?), so I assume the 1st question should be answered Yes? Local client resolution seems to stay working, so dnsmasq is still functional I assume (using YazDHCP).
I have DNS Director set to point solely at the main router itself, so I assume that what you meant by custom dnsfilter has been disabled that way? Syslog however says dnsmasq is ignoring 192.168.1.1:

Apr 19 07:38:02 dnsmasq[2266]: ignoring nameserver 192.168.1.1 - local interface

What is meant by NON-Custom DNS queries? As mention above, I want all DNS queries to go through AGH, so what should I answer at the second question?

Lastly, following the advice of @Tech9 i've reconfigured AGH upon installing the most recent binary update and change the setting for local caching to 'No'.

Thanks in advance.

Best regards,
Marco

 

[ImGettingTooOldForThis]

Lastly, following the advice of @Tech9 i've reconfigured AGH upon installing the most recent binary update and change the setting for local caching to 'No'.

I just noticed that syslog even after reconfiguration still says:

Apr 19 11:54:52 AdGuardHome[4880]: 2023/04/19 11:54:52.535805 [info] dnsproxy: cache: enabled, size 4096 b

even though I disabled the cache and the Adguard Home Web UI shows an empty field?

 

[SomeWhereOverTheRainBow]

I just noticed that syslog even after reconfiguration still says:

Apr 19 11:54:52 AdGuardHome[4880]: 2023/04/19 11:54:52.535805 [info] dnsproxy: cache: enabled, size 4096 b

even though I disabled the cache and the Adguard Home Web UI shows an empty field?

It probably runs similar to pihole where a small sliver of the cache remains active for adblocking purposes. You need cache for adboocking otherwise every single time you run into an ad, it would have to perform those delayed blocking actions over and over again which would significantly slow you query time down. I imagine you can't disable 100 percent of the cache, only the portion reserved for nonblocked transactions.

 

[SomeWhereOverTheRainBow]

It probably runs similar to pihole where a small sliver of the cache remains active for adblocking purposes. You need cache for adboocking otherwise every single time you run into an ad, it would have to perform those delayed blocking actions over and over again which would significantly slow you query time down. I imagine you can't disable 100 percent of the cache, only the portion reserved for nonblocked transactions.

Me personally, I would never disable the cache.

 

[ImGettingTooOldForThis]

Me personally, I would never disable the cache.

Okay, will re-enable the cache then. Thanks for clarifying. Would you be so kind to answer the previous question(s) too?

Thanks again.

Best regards,
Marco

 

[SomeWhereOverTheRainBow]

Okay, will re-enable the cache then. Thanks for clarifying. Would you be so kind to answer the previous question(s) too?

Thanks again.

Best regards,
Marco

Yep here is my answer to your "other questions".

AdGuardHome - Asuswrt-Merlin-AdGuardHome-Installer (AMAGHI) cont.

Sorry I think I am not being clear. I am not talking about local logging of queries. I am talking about at the DNS provider level. Here is another way to look at it, if the only cloudflare server near your geolocation goes down; and, you are using that cloudflare server you may notice a service...

www.snbforums.com

Also, please feel free to use these threads to see if your questions have already been answered.

AdGuardHome - [RELEASE] Asuswrt-Merlin-AdGuardHome-Installer (AMAGHI)

Asuswrt-Merlin-AdGuardHome-Installer The Official Installer of AdGuardHome for Asuswrt-Merlin Requirements: ARM based ASUS routers (not bridges or access points) that use Asuswrt-Merlin Firmware JFFS support and enabled REQUIRES ENTWARE(!) for package management, and a separate USB drive for...

www.snbforums.com

AdGuardHome - Asuswrt-Merlin-AdGuardHome-Installer (AMAGHI) cont.

Here is a continuation of this thread: https://www.snbforums.com/threads/release-asuswrt-merlin-adguardhome-installer-amaghi.76506/ for AdGuardHome users on Asuswrt-Merlin.

www.snbforums.com

 

[ImGettingTooOldForThis]

Don't know how I've managed not to have found this using 'Better' Search... *walks in shame.

Thanks for pointing me in the right direction. Will ask any further questions there.

Best regards,
Marco

 

[SomeWhereOverTheRainBow]

Don't know how I've managed not to have found this using 'Better' Search... *walks in shame.

Thanks for pointing me in the right direction. Will ask any further questions there.

Best regards,
Marco

All I did was search for how many times I talked about dnsfilter

It should also be noted that "DNSFilter" is now known as "DNS Director".

 

[Tech9]

Lastly, following the advice of @Tech9 i've reconfigured AGH upon installing the most recent binary update and change the setting for local caching to 'No'.

Only when you use Unbound. It caches the DNS requests already. Works better with AGH cache disabled. If you use AGH only - keep the default 4MB cache enabled. Don't go crazy with blocklists - your router will start running low on RAM. Use AGH responsibly.

 

[SomeWhereOverTheRainBow]

Only when you use Unbound. It caches the DNS requests already. Works better with AGH cache disabled. If you use AGH only - keep the default 4MB cache enabled. Don't go crazy with blocklists - your router will start running low on RAM. Use AGH responsibly.

Tbh disabling adguardhomes cache actually can negatively impact its performance in some cases. I would not advise disabling it for this reason. Now there is nothing wrong with adjusting the size of it down to a smaller amount and reducing the time to live overrides on queries done to adguardhome so unbound cache gets used more in the interim.

 

[Tech9]

Once Unbound builds the cache AGH is fed with under 1ms responses. With or without middle cache the result is the same. Middle cache because the browsers keep DNS cache as well. If there is a difference - not easily user measurable.

I’ve run it in all configurations and the fastest all the time was Google upstream and AGH with its cache enabled. Nothing beats big public DNS servers cache. Google, OpenDNS and Cloudflare are the fastest in my area.