Setting up a DNS-over-TLS forwarding cache on OpenWrt Snapshot (r6693 or later)

This article describes how to set up a local DNS caching server on OpenWrt, which forwards unresolved DNS queries to recursive resolvers through DNS-over-TLS, to prevent eavesdropping and tampering of DNS queries on their network path.

Software

OS: OpenWrt Snapshot (r6693 or later)
DNS-over-TLS stub resolver: Stubby
DNS resolver and cache: Unbound

Continue reading Setting up a DNS-over-TLS forwarding cache on OpenWrt Snapshot (r6693 or later)