Adguardhome: Feature Request - DNSCrypt Anonymized DNS

No, we don't support it.

Anonymized DNS is basically just a proxy server. I am not yet convinced this makes any sense.

AdGuard Home v0.99.3
Hope upgrade speed up!
support Anonymized DNS,used (firefox extension:)https everywhere,pirivacy badger,foxyproxy standard, f(Chrome extension:)cookies jar (sandbox),cupcake(flash proxy)or speed up.

Any update on when there will be downstream and upstream dnscrypt v2 support?

@jkle112 @ameshkov

There is upstream support already.
No ETA for downstream yet

Whilst Upstream will accept sdns stamp it doesn’t seem to support v2; Anonymized doesn’t seem to work.

Although I’m more interested in downstream. Of course can use sdns stamp and doh. But V2 would be much more useful incl anonymized .

Whilst Upstream will accept sdns stamp it doesn’t seem to support v2; Anonymised doesn’t seem to work.

Don't confuse "DNSCrypt anonymized" with DNSCrypt, these are different things.

Although I’m more interested in downstream

Please file a feature request for this. If it gets a lot of upvotes, we'll consider it.

Isn’t this the feature request for them? Or do you mean

https://github.com/AdguardTeam/AdGuardHome/issues/225

https://github.com/AdguardTeam/dnsproxy/issues/44

v2 has had multiple requests over the last year but seem to get closed

You're confusing different things.

• There's an SDNS stamp which is not a protocol, but a way to encode a DNS resolver address. You can encode any resolver using it: DOH, DOT, DNSCrypt, whatever.
• There is a DNSCrypt protocol. AdGuard Home can work as a DNSCrypt client.
• AdGuard Home cannot work as a DNSCrypt server (and there are no feature requests about that)
• Anonymized DNSCrypt is an extension of DNSCrypt which is basically a DNS proxy. This feature request is about adding client-side support of Anonymized DNSCrypt.

As I understand, you want us to add an option for AdGuard Home to work as a DNSCrypt server?

Yes I understand.

Yes aim is to be able to connect to and from adguard using dnscrypt v2 (Protocol) including use of anonymized dnscrypt

1. I highly doubt we will ever implement server-side Anonymized DNSCrypt, it makes no sense for AdGuard Home. The point is that in this case, AGH won't see what requests are being made so it won't be able to block anything.
2. We might implement client-side Anonymized DNSCrypt if this feature request gets upvoted enough.
3. We most likely will implement server-side DNSCrypt as it got many upvotes already, thanks for reminding me about the dnsproxy issue. I've mirrored it here: https://github.com/AdguardTeam/AdGuardHome/issues/1361

I suppose most useful due to mobile devices is:

dnscrypt v2 to AGH

AGH to anonymized dnscrypt upstream
OR
AGH to upstream via anonymized relay

Yeah, that'd be possible if points 2 and 3 from my comment are implemented.

Just one note:

AGH to anonymized dnscrypt upstream
OR
AGH to upstream via anonymized relay

These are effectively the same (anonymized dnscrypt IS an anonymized relay).

Agree. However:

“ You probably want relays and the servers they relay to to be operated by different entities. If you want to minimized latency, choose relays and servers that are close from a network perspective. If you feel paranoid, choose relays and servers in different countries. You decide.”

https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS