How do I add DNSCrypt to my DSL modem-router - Verizon Actiontec GT784WNV ?
I'm on Verizon DSL and use Verizon's Actiontec GT784WNV modem router with Firmware Version GT784WN-VZ-1.1.22. Sorry, not Tomato or anything similar. In addition to connecting me to the internet (WAN?), this little box connects all the devices in my apartment to each other (LAN?), both wired and WiFi - our various computers, smartphones (when they receive WiFi), printer, iThings, etc. (For the WiFi, I have enabled both WPA2 encryption and MAC Address Filtering.)
In my router's "WAN IP Settings", I have (since years ago) set the DNS Type to Static DNS Addresses with OpenDNS's IP numbers Primary 208.67.222.222 and Secondary 208.67.220.220. Yes, I get the checkmark when I go to https://www.opendns.com/welcome/ .
Now, today, I just learned about DNSCrypt. Do I need to add it to my router? If yes, would I change one of the WAN IP numbers above to something special (does not seem right), or would I go to the different page "LAN IP and DHCP Settings" and change DNS from Dynamic (where it's always been) to Static and then make DNS Server 1 point to something special?
(To repeat, in "WAN IP", I long ago selected Static and pointed to the OpenDNS IP numbers 208.67.222.222 and 208.67.220.220. However, in "LAN IP and DHCP Settings", DNS has always been set to Dynamic. To "get" DNSCrypt, must I change that to Static and insert something special as DNS Server 1 ?)
Since I'm probably not understanding this, please give me links to a slightly more basic discussion for the tourist that I am.
Finally, if it's impossible for me to do the right thing with my particular modem-router, let's talk about what I might do if I finally bite the bullet and get FIOS from Verizon, which I must do soon anyway. FIOS will also carry our phone lines - no longer POTS on copper as they are today - so whatever router I get (after the ONT) has to give me phone as well as internet.
Many thanks!!!
-
Although OpenDNS DNS service supports the DNSCrypt protocol, it is not really OpenDNS specific, because many DNS services support DNSCrypt in the meantime. Especially, using DNSCrypt on a specific router is clearly out of the scope of this forum unless you can present a usable solution already which can help other users.
For DNSCrypt support see https://dnscrypt.org/
For router support visit the support site of your router's supplier.
For FIOS from Verizon, contact them or a related forum.Just to briefly answer some of your questions:
"Do I need to add it to my router?"
No, you don't. It's your choice. Did you understand right that DNSCrypt requires software to be installed? And I doubt that DNSCrypt software can be installed on such an ISP supplied router which may be already trimmed down and restricted from many changes.
"If yes, would I change one of the WAN IP numbers above to something special (does not seem right)"
Not sure what you mean by "WAN IP numbers". This sounds dangerous. Change only DNS related configuration on the WAN side of the router, never other IP addresses or subnet masks or such in the effort of using DNSCrypt or another DNS service like OpenDNS!
"or would I go to the different page "LAN IP and DHCP Settings" and change DNS from Dynamic (where it's always been) to Static and then make DNS Server 1 point to something special?"
This doesn't have to happen on the LAN/DHCP side (because you don't want to propagate external or localhost addresses to the end user devices), but it has to happen on the WAN side of the router. DHCP has still to propagate the router's IP address as DNS server address to the end user devices.
After you have installed DNSCrypt (if you are able to do so at all), you must configure static DNS server addresses as the localhost address where DNSCrypt listens to, like 127.0.0.1, on the WAN side. This localhost address is configurable in DNSCrypt. DNSCrypt then proxies the DNS traffic to the DNS server address of your choice, e.g. one from OpenDNS. And this destination address is configurable in DNSCrypt too.
Please sign in to leave a comment.
Comments
1 comment