OpenWRT – Configure DNS-over-TLS with Cloudflare DNS

In this video, we will configure DNS over TLS on OpenWRT router with Cloudflare DNS, in order to secure the DNS requires. By default, OpenWRT was pre-installed Dnsmasq as an internal resolver and therefore doesn’t support DNS-over-TLS. We will need to uninstall it and install unbound & odhcpd in order to enable DNS-over-TLS with Cloudflare DNS. In this video, I will also explain the basic concept of DNS and why do we need DNS-over-TLS.

Video timeframe:
00:00 – DNS over TLS Introduction
00:55 – How an unencrypted DNS request looks like
02:11 – Install & Remove packages: unbound, odhcpd and unbound-control
05:16 – Configure unbound & odhcpd with CLI
09:46 – Check if DNS-over-TLS is working
10:18 – No IP address receive – Troubleshooting
12:37 – Check if the DNS request is encrypted with Wireshark
14:14 – Configure & Monitor Outbound with LuCI

Habanero DVK – https://www.8devices.com/products/habanero
DNS-over-TLS on Cloudflare blog – https://blog.cloudflare.com/dns-over-tls-for-openwrt/

Thanks for watching!