Your reports for Broadcom units are greatly appreciated !
Router:
Firmware:
Kernel:
Status:
Reset:
Errors:
This build thread is for reporting successes and problem with loading this experimental test build. This is important info for developers and users. Always state your hardware and SPECIFIC build (e.g. 29440_NEWD-2_K2.6_mega-nv64k.bin). Do not ask questions about your specific router or how to configure it in this thread; create your own thread to discuss any specific problems you have or need resolved. Please also do not respond to such questions. This thread is to report info, not to seek it. Posts that do not add to understanding this build will be deleted. Make sure you know how to flash properly and the risk before using this build. It is important to adhere to these requirements, to keep this thread from becoming impossibly long and useless. If you don't know what build to flash and how to flash properly and have a means of recovery if things should go wrong, do NOT flash this experimental test build. _________________ Unofficial Kong's release repository : http://ddwrt-kong.clonevince.fr/
Router: R6250
Firmware: DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel: Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
Status: Working
Reset: no
Errors: no
R6250 in Client-Bridge-Mode (5GHz-WLAN-Bridge) with 5 LAN Connections (PCs, Printer, NAS).
Question: The CPU-Temp is very high (~80°C) ... is that normal?
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Fri May 12, 2017 16:46 Post subject:
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel Version Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
ddup
reset:no
status: operational
errors: Clearly DNSCrypt its not working on my R7800 and R7000a lots of time wasted, i tried GUI settings as well custom settings with backup DNSCrypt resolver its not working on my both units i had to revert back to the old firmware, luckily for my R7800 i had a backup copy of 31900, but i don't have 31920 for my R7000... is there any link i can get it back.... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Posted: Fri May 12, 2017 17:05 Post subject: DNSCrypt
@Alozaros,
I have R7000 and just upgraded to Kongs test 31980M, and dnscrypt is working as it should and as it was before.
Initially I thought it was having a problem, but it turned out some resolvers were down.
Except I am using opkg dnscrypt-proxy v1.9.4 and not the build-in one v1.9.1.
Also, I have a copy of Kongs test 31920M, so just let me know how to get it to you if you would like.
Sincerely,
P-B _________________ Netgear R7000
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Fri May 12, 2017 17:57 Post subject:
hmm i tried many options and many servers too i guess im running built-in DNSCypt , once i reverted my R7800 it was back to normal, so it was not due to bad resolver choice.. i was running http://www.dd-wrt.com/phpBB2/viewtopic.php?t=308502&postdays=0&postorder=asc&start=0 this method described here with more than 11 days flawlessly running on both my units...
well, i guess you can post me file's as a PM...or so
Thanks in advance! _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel Version Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
ddup
reset:no
status: operational
errors: Clearly DNSCrypt its not working on my R7800 and R7000a lots of time wasted, i tried GUI settings as well custom settings with backup DNSCrypt resolver its not working on my both units i had to revert back to the old firmware, luckily for my R7800 i had a backup copy of 31900, but i don't have 31920 for my R7000... is there any link i can get it back....
Dnscrypt works fine and you will probably find out what's wrong in your config once you look in syslog. Dnscrypt also worked before, but some managed to break it by adding bad custom settings (e.g. custom ntp servers which then cannot be resolved), which I prevent now. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Joined: 03 Jan 2017 Posts: 49 Location: Lindau, Germany
Posted: Fri May 12, 2017 22:10 Post subject:
<Kong> wrote:
Alozaros wrote:
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel Version Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
ddup
reset:no
status: operational
errors: Clearly DNSCrypt its not working on my R7800 and R7000a lots of time wasted, i tried GUI settings as well custom settings with backup DNSCrypt resolver its not working on my both units i had to revert back to the old firmware, luckily for my R7800 i had a backup copy of 31900, but i don't have 31920 for my R7000... is there any link i can get it back....
Dnscrypt works fine and you will probably find out what's wrong in your config once you look in syslog. Dnscrypt also worked before, but some managed to break it by adding bad custom settings (e.g. custom ntp servers which then cannot be resolved), which I prevent now.
Hello Kong,
first thanks you and BS for the great work on DD-WRT.
Second I prepared logs using the standard GUI settings. I've observed the following regarding dnscrypt: cisco (and d0wn-de-ns1) is working fine, dnscrypt.eu-nl, dnscrypt.eu-dk, dnscrypt.nl-ns0 and dnscrypt.org-fr are not working.
I disabled all custom settings regarding dnsmasq/dnscrypt, enabled dnscrypt with cisco via GUI, rebootet, logged into GUI and switched to dnscrypt.eu-nl and applied settings. The logs via ssh:
root@R6300v2:~# cat /var/log/messages |grep dnsc
Jan 1 01:00:17 R6300v2 daemon.notice dnscrypt-proxy[950]: Starting dnscrypt-proxy 1.9.1
Jan 1 01:00:17 R6300v2 daemon.info dnscrypt-proxy[950]: Generating a new session key pair
Jan 1 01:00:17 R6300v2 daemon.info dnscrypt-proxy[950]: Done
Jan 1 01:00:17 R6300v2 daemon.info dnscrypt-proxy[950]: Server certificate with serial #1490391488 received
Jan 1 01:00:17 R6300v2 daemon.info dnscrypt-proxy[950]: This certificate has not been activated yet
Jan 1 01:00:17 R6300v2 daemon.err dnscrypt-proxy[950]: No useable certificates found
Jan 1 01:00:18 R6300v2 daemon.info dnscrypt-proxy[950]: Refetching server certificates
Jan 1 01:00:18 R6300v2 daemon.info dnscrypt-proxy[950]: Server certificate with serial #1490391488 received
Jan 1 01:00:18 R6300v2 daemon.info dnscrypt-proxy[950]: This certificate has not been activated yet
Jan 1 01:00:18 R6300v2 daemon.err dnscrypt-proxy[950]: No useable certificates found
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: Refetching server certificates
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: Server certificate with serial #1490391488 received
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: This certificate is valid
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: Chosen certificate #1490391488 is valid from [2017-03-24] to [2018-03-24]
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: The key rotation period for this server may exceed the recommended value. This is bad for forward secrecy.
May 12 22:02:43 R6300v2 daemon.info dnscrypt-proxy[950]: Server key fingerprint is E7F8:4477:BF89:1434:1ECE:23F0:D6A6:6EB9:4F45:3167:D71F:80BB:4E80:A04F:F180:F778
May 12 22:02:43 R6300v2 daemon.notice dnscrypt-proxy[950]: Proxying from 127.0.0.1:30 to 208.67.220.220:443
May 12 22:02:44 R6300v2 daemon.notice dnscrypt-proxy[950]: Stopping proxy
May 12 22:02:44 R6300v2 daemon.info dnscrypt-proxy[950]: UDP listener shut down
May 12 22:02:44 R6300v2 daemon.info dnscrypt-proxy[950]: TCP listener shut down
May 12 23:02:44 R6300v2 daemon.notice dnscrypt-proxy[1360]: Starting dnscrypt-proxy 1.9.1
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: Generating a new session key pair
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: Done
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: Server certificate with serial #1490391488 received
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: This certificate is valid
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: Chosen certificate #1490391488 is valid from [2017-03-24] to [2018-03-24]
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: The key rotation period for this server may exceed the recommended value. This is bad for forward secrecy.
May 12 23:02:44 R6300v2 daemon.info dnscrypt-proxy[1360]: Server key fingerprint is E7F8:4477:BF89:1434:1ECE:23F0:D6A6:6EB9:4F45:3167:D71F:80BB:4E80:A04F:F180:F778
May 12 23:02:44 R6300v2 daemon.notice dnscrypt-proxy[1360]: Proxying from 127.0.0.1:30 to 208.67.220.220:443
May 12 23:04:34 R6300v2 daemon.notice dnscrypt-proxy[1360]: Stopping proxy
May 12 23:04:34 R6300v2 daemon.info dnscrypt-proxy[1360]: UDP listener shut down
May 12 23:04:34 R6300v2 daemon.info dnscrypt-proxy[1360]: TCP listener shut down
May 12 23:04:34 R6300v2 user.info : - [dnscrypt.eu-nl] does not support DNS Security Extensions
As the last line gives not much info, I started dnscrypt via command line:
Code:
root@R6300v2:~# /usr/sbin/dnscrypt-proxy -a 127.0.0.3:30 -R cisco -L /etc/dnscrypt/dnscrypt-resolvers.csv
Fri May 12 23:13:25 2017 [INFO] - [cisco] does not support DNS Security Extensions
Fri May 12 23:13:25 2017 [WARNING] - [cisco] logs your activity - a different provider might be better a choice if privacy is a concern
Fri May 12 23:13:25 2017 [NOTICE] Starting dnscrypt-proxy 1.9.1
Fri May 12 23:13:25 2017 [INFO] Generating a new session key pair
Fri May 12 23:13:25 2017 [INFO] Done
Fri May 12 23:13:25 2017 [INFO] Server certificate with serial #1490391488 received
Fri May 12 23:13:25 2017 [INFO] This certificate is valid
Fri May 12 23:13:25 2017 [INFO] Chosen certificate #1490391488 is valid from [2017-03-24] to [2018-03-24]
Fri May 12 23:13:25 2017 [INFO] The key rotation period for this server may exceed the recommended value. This is bad for forward secrecy.
Fri May 12 23:13:25 2017 [INFO] Server key fingerprint is E7F8:4477:BF89:1434:1ECE:23F0:D6A6:6EB9:4F45:3167:D71F:80BB:4E80:A04F:F180:F778
Fri May 12 23:13:25 2017 [NOTICE] Proxying from 127.0.0.3:30 to 208.67.220.220:443
This seems OK for me
Code:
root@R6300v2:~# /usr/sbin/dnscrypt-proxy -a 127.0.0.4:30 -R dnscrypt.eu-nl -L /etc/dnscrypt/dnscrypt-resolvers.csv
Fri May 12 23:14:22 2017 [INFO] - [dnscrypt.eu-nl] does not support DNS Security Extensions
Fri May 12 23:14:22 2017 [INFO] + Namecoin domains can be resolved
Fri May 12 23:14:22 2017 [INFO] + Provider supposedly doesn't keep logs
Fri May 12 23:14:22 2017 [ERROR] Unsupported server protocol version
It's interesting that dnscrypt claims that DNSSEC is not supported, but it should be according to dnscrypt-resolv.csv.
Now the interesting part: When using the file dnscrypt-resolv.csv delivered with entware the dnscrypt server starts OK (with DNSSEC):
Code:
root@R6300v2:~# /usr/sbin/dnscrypt-proxy -a 127.0.0.5:30 -R dnscrypt.eu-nl -L /opt/share/dnscrypt-proxy/dnscrypt-resolvers.csv
Fri May 12 23:15:03 2017 [INFO] + DNS Security Extensions are supported
Fri May 12 23:15:03 2017 [INFO] + Provider supposedly doesn't keep logs
Fri May 12 23:15:03 2017 [NOTICE] Starting dnscrypt-proxy 1.9.1
Fri May 12 23:15:03 2017 [INFO] Generating a new session key pair
Fri May 12 23:15:03 2017 [INFO] Done
Fri May 12 23:15:03 2017 [INFO] Server certificate with serial '0001' received
Fri May 12 23:15:03 2017 [INFO] This certificate is valid
Fri May 12 23:15:03 2017 [INFO] Chosen certificate #808464433 is valid from [2016-09-08] to [2017-09-08]
Fri May 12 23:15:03 2017 [INFO] The key rotation period for this server may exceed the recommended value. This is bad for forward secrecy.
Fri May 12 23:15:03 2017 [INFO] Server key fingerprint is 72DF:BE14:531F:F2AD:FD0F:BC8B:F711:B93D:799F:E4D0:34EC:D26B:8BF9:FFA9:32E7:2B79
Fri May 12 23:15:03 2017 [NOTICE] Proxying from 127.0.0.5:30 to 176.56.237.171:443
Using entware's dnscrypt-proxy binary works with its dnscrypt-resolv.csv but it fails with the dd-wrt shipped file. Maybe an issue with the file dnscrypt-resolv.csv on a few resolver entries?
It's interesting that dnscrypt claims that DNSSEC is not supported, but it should be according to dnscrypt-resolv.csv.
Now the interesting part: When using the file dnscrypt-resolv.csv delivered with entware the dnscrypt server starts OK (with DNSSEC):
Well the entware resolver file is kind of old. I updated the resolver file from trunk, now you can decide which one you trust.
Router: Dlink-DIR885L
Firmware: DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel: Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
Previous version: 31920M
Flash method: via GUI
Reset:no
status: No internet via wireless connection
when DNS Crypt Resolver setting points to either
"CS Chicago IL US DNSCrypt server"
or "CS Las Vegas NV US DNSCrypt server"
Both were good before 31980M
Changed DNS Crypt Resolver setting to "Cisco OpenDNS" and everything back to normal
Router: Dlink-DIR885L
Firmware: DD-WRT v3.0-r31980M kongac (05/11/17)
Kernel: Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l
Previous version: 31920M
Flash method: via ddup
Reset:no
status: No internet via wireless connection
when DNS Crypt Resolver setting points to either
"CS Canada East" or "CS New York City"
Reinstated my dnscrypt.startup script to start dnscrypt using "CA Canada East" and all good. Coupled with the previous post, I'm guessing there was an issue updating the resolver list.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Sat May 13, 2017 7:13 Post subject:
well wasted some time again,
clearly NTP and DNSCrypt have some issues
1. i cant resolve correct NTP time, i removed all custom settings, if i select time zone it use to supply correct time now there is a wrong time
2.DNSCypt all custom settings removed servers selected via GUI so DNSCrypt Holland, Denmark, France nor Cisco are working it show's there are kind of "connected" but no internet at all....
3. to check all that i started with "erase nvram" and manual rebuild as well i didn't use any of my custom settings just test it DNSCrypt
4.the other thing i ve noticed is apply anything via Wi-Fi it kicks me out and i have to reconnect manually by clicking the network it wasn't in that state before...
here are some logs
May 13 04:45:01 R7000 daemon.debug process_monitor[1244]: Restarting dnsmasq (time sync change)
May 13 04:45:01 R7000 daemon.debug process_monitor[1244]: We need to re-update after 3600 seconds
May 13 04:45:01 R7000 daemon.info process_monitor[1244]: set timer: 3600 seconds, callback: ntp_main()
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: started, version 2.77 cachesize 1500
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth DNSSEC loop-detect no-inotify
May 13 04:45:02 R7000 daemon.warn dnsmasq[1464]: warning: ignoring resolv-file flag because no-resolv is set
May 13 04:45:02 R7000 daemon.info dnsmasq-dhcp[1464]: DHCP, IP range 192.168.x.x -- 192.168.x.x, lease time 6h
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: using nameserver 127.0.0.1#30
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: read /etc/hosts - 2 addresses
May 13 04:45:02 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:45:10 R7000 daemon.info dnsmasq-dhcp[1464]: DHCPREQUEST(br0) 192.168.x.x x.x.x.x.
May 13 04:45:10 R7000 daemon.info dnsmasq-dhcp[1464]: DHCPACK(br0) 192.168.x.x x.x.x.x.x.x.x.x
May 13 04:46:00 R7000 user.info : - [dnscrypt.eu-nl] does not support DNS Security Extensions
May 13 04:46:00 R7000 user.info : + Namecoin domains can be resolved
May 13 04:46:00 R7000 user.info : + Provider supposedly doesn't keep logs
May 13 04:46:00 R7000 user.err : Unsupported server protocol version
May 13 04:46:00 R7000 daemon.crit dnsmasq[1472]: failed to bind DHCP server socket: Address in use
May 13 04:46:00 R7000 daemon.crit dnsmasq[1472]: FAILED to start up
May 13 04:46:00 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:46:00 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:51:21 R7000 user.info : syslogd : syslog daemon successfully stopped
May 13 04:51:21 R7000 syslog.info syslogd exiting
May 13 04:51:21 R7000 syslog.info syslogd started: BusyBox v1.26.2
May 13 04:51:21 R7000 user.info : vpn modules : vpn modules successfully unloaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_conntrack_proto_gre successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_nat_proto_gre successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_conntrack_pptp successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_nat_pptp successfully loaded
May 13 04:51:22 R7000 user.info : dnsmasq : dnsmasq daemon successfully stopped
May 13 04:51:22 R7000 user.info : dropbear : ssh daemon successfully stopped
May 13 04:51:22 R7000 user.info : pptpd : pptp daemon successfully stopped
May 13 04:51:22 R7000 authpriv.info dropbear[896]: Early exit: Terminated by signal
May 13 04:51:22 R7000 user.info : - [dnscrypt.org-fr] does not support DNS Security Extensions
May 13 04:51:22 R7000 user.info : + Namecoin domains can be resolved
May 13 04:51:22 R7000 user.info : + Provider supposedly doesn't keep logs
May 13 04:51:22 R7000 user.err : Unsupported server protocol version
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: started, version 2.77 cachesize 1500
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth DNSSEC loop-detect no-inotify
May 13 04:51:22 R7000 daemon.warn dnsmasq[1946]: warning: ignoring resolv-file flag because no-resolv is set
May 13 04:51:22 R7000 daemon.info dnsmasq-dhcp[1946]: DHCP, IP range 192.168.x.x -- 192.168.x.x, lease time 6h
May 13 04:51:22 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: using nameserver 127.0.0.1#30
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: read /etc/hosts - 2 addresses
May 13 04:51:22 R7000 user.info : dropbear : ssh daemon successfully started
May 13 04:51:22 R7000 authpriv.info dropbear[1955]: Running in background
May 13 04:51:23 R7000 user.info : vpn modules : vpn modules successfully unloaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_conntrack_proto_gre successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_nat_proto_gre successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_conntrack_pptp successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_nat_pptp successfully loaded
May 13 04:51:23 R7000 user.info : syslogd : syslog daemon successfully stopped
May 13 04:51:23 R7000 syslog.info syslogd exiting
May 13 04:51:23 R7000 syslog.info syslogd started: BusyBox v1.26.2
i tried my default DNSCrypt Holland than tried France and later Cisco.
same happens on my R7800 witch i managed to revert to 319000 with custom settings and all is working like a charm _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
well wasted some time again,
clearly NTP and DNSCrypt have some issues
1. i cant resolve correct NTP time, i removed all custom settings, if i select time zone it use to supply correct time now there is a wrong time
2.DNSCypt all custom settings removed servers selected via GUI so DNSCrypt Holland, Denmark, France nor Cisco are working it show's there are kind of "connected" but no internet at all....
3. to check all that i started with "erase nvram" and manual rebuild as well i didn't use any of my custom settings just test it DNSCrypt
4.the other thing i ve noticed is apply anything via Wi-Fi it kicks me out and i have to reconnect manually by clicking the network it wasn't in that state before...
here are some logs
May 13 04:45:01 R7000 daemon.debug process_monitor[1244]: Restarting dnsmasq (time sync change)
May 13 04:45:01 R7000 daemon.debug process_monitor[1244]: We need to re-update after 3600 seconds
May 13 04:45:01 R7000 daemon.info process_monitor[1244]: set timer: 3600 seconds, callback: ntp_main()
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: started, version 2.77 cachesize 1500
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth DNSSEC loop-detect no-inotify
May 13 04:45:02 R7000 daemon.warn dnsmasq[1464]: warning: ignoring resolv-file flag because no-resolv is set
May 13 04:45:02 R7000 daemon.info dnsmasq-dhcp[1464]: DHCP, IP range 192.168.x.x -- 192.168.x.x, lease time 6h
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: using nameserver 127.0.0.1#30
May 13 04:45:02 R7000 daemon.info dnsmasq[1464]: read /etc/hosts - 2 addresses
May 13 04:45:02 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:45:10 R7000 daemon.info dnsmasq-dhcp[1464]: DHCPREQUEST(br0) 192.168.x.x x.x.x.x.
May 13 04:45:10 R7000 daemon.info dnsmasq-dhcp[1464]: DHCPACK(br0) 192.168.x.x x.x.x.x.x.x.x.x
May 13 04:46:00 R7000 user.info : - [dnscrypt.eu-nl] does not support DNS Security Extensions
May 13 04:46:00 R7000 user.info : + Namecoin domains can be resolved
May 13 04:46:00 R7000 user.info : + Provider supposedly doesn't keep logs
May 13 04:46:00 R7000 user.err : Unsupported server protocol version
May 13 04:46:00 R7000 daemon.crit dnsmasq[1472]: failed to bind DHCP server socket: Address in use
May 13 04:46:00 R7000 daemon.crit dnsmasq[1472]: FAILED to start up
May 13 04:46:00 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:46:00 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:51:21 R7000 user.info : syslogd : syslog daemon successfully stopped
May 13 04:51:21 R7000 syslog.info syslogd exiting
May 13 04:51:21 R7000 syslog.info syslogd started: BusyBox v1.26.2
May 13 04:51:21 R7000 user.info : vpn modules : vpn modules successfully unloaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_conntrack_proto_gre successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_nat_proto_gre successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_conntrack_pptp successfully loaded
May 13 04:51:21 R7000 user.info : vpn modules : nf_nat_pptp successfully loaded
May 13 04:51:22 R7000 user.info : dnsmasq : dnsmasq daemon successfully stopped
May 13 04:51:22 R7000 user.info : dropbear : ssh daemon successfully stopped
May 13 04:51:22 R7000 user.info : pptpd : pptp daemon successfully stopped
May 13 04:51:22 R7000 authpriv.info dropbear[896]: Early exit: Terminated by signal
May 13 04:51:22 R7000 user.info : - [dnscrypt.org-fr] does not support DNS Security Extensions
May 13 04:51:22 R7000 user.info : + Namecoin domains can be resolved
May 13 04:51:22 R7000 user.info : + Provider supposedly doesn't keep logs
May 13 04:51:22 R7000 user.err : Unsupported server protocol version
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: started, version 2.77 cachesize 1500
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack no-ipset no-auth DNSSEC loop-detect no-inotify
May 13 04:51:22 R7000 daemon.warn dnsmasq[1946]: warning: ignoring resolv-file flag because no-resolv is set
May 13 04:51:22 R7000 daemon.info dnsmasq-dhcp[1946]: DHCP, IP range 192.168.x.x -- 192.168.x.x, lease time 6h
May 13 04:51:22 R7000 user.info : dnsmasq : dnsmasq daemon successfully started
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: using nameserver 127.0.0.1#30
May 13 04:51:22 R7000 daemon.info dnsmasq[1946]: read /etc/hosts - 2 addresses
May 13 04:51:22 R7000 user.info : dropbear : ssh daemon successfully started
May 13 04:51:22 R7000 authpriv.info dropbear[1955]: Running in background
May 13 04:51:23 R7000 user.info : vpn modules : vpn modules successfully unloaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_conntrack_proto_gre successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_nat_proto_gre successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_conntrack_pptp successfully loaded
May 13 04:51:23 R7000 user.info : vpn modules : nf_nat_pptp successfully loaded
May 13 04:51:23 R7000 user.info : syslogd : syslog daemon successfully stopped
May 13 04:51:23 R7000 syslog.info syslogd exiting
May 13 04:51:23 R7000 syslog.info syslogd started: BusyBox v1.26.2
i tried my default DNSCrypt Holland than tried France and later Cisco.
same happens on my R7800 witch i managed to revert to 319000 with custom settings and all is working like a charm
First of all, ntp does not need to resolve any names, there are hardcoded ips set for the client, unless:
-dnscrypt is disabled
-custom ntp server set
Thus ntp has no problem if the router has wan access and your output shows, that ntp is working.
Secondly in your output dnsmasq complains, that the port is already used by some application, which makes it pretty clear, that you have some custom stuff running.
All I see is user error. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
Joined: 19 Aug 2016 Posts: 16 Location: United States of Denial
Posted: Sat May 13, 2017 12:00 Post subject:
Router: r7000
Firmware: v3.0-r31980M
Kernel: Linux 4.4.67 #317 SMP Thu May 11 12:58:51 CEST 2017 armv7l DD-WRT
Status: Good, up for 2 hrs. at present
Reset: No
Errors: None
Upgraded from 31920 via -ddup --flash-latest with no issues. Previous oddity of Apple devices not signing into wireless networks not present. I will update this post if any issues develop. Thanks again, Kong!