Hey, I’m currently having the problem that my AdGuard Home addon is really slow, leading the router (fritzbox in my case) to select the second DNS server set (in case my HassIO is down at some point) even though the AdGuard one is “preferred”. Inside the addon I already added multiple DNS servers and activated parallel requests.
Until the PiHole addon became deprecated I’ve used that and I’ve never had any problem with it.
The average response time displayed in the web interface is 75ms, although the rpi4 and my computer are both connected to the fritzbox via cable.
Let me get this straight: if RPi4 and adguard are down, it takes a long time for your client to change from DNS 1 to DNS 2? Did I get that right? Because that is entirely up to your client as to how long it takes to figure out DNS 1 is not reachable and switching to DNS 2.
No, that’s not what I meant.
In the fritzbox I have to set a “preferred DNSv4 Server” and an “alternative DNSv4 Server”.
If I don’t enter the IPs as in this picture:
I’m getting max 10 requests to adguard
If I do it as in the screenshot I’m getting all the requests, but if e.g. my hassio rpi is unavailable my internet is totally offline due to the lack of a working DNS server.
My guess is that the fritzbox requests the alternative server (I tried it with 8.8.8.8 for example) because the AdGuard server on my rpi is too slow somehow.
Ok, I took a look at the settings over in my instance. Setting that many upstream DNS servers and ticking the checkbox underneath it could cause a slowdown (not sure). Also on the first page you have the begrenzungswert, default is 20. I wouldn’t change that if absolutely necessary. Because that could flood adguard/RPI.
And then my last question, on the settings page of the encryption settings in adguard, have you ticked the first checkbox? Because that could also lead to problems if not everything else is set up correctly.
I just made the switch from PiHole to AGH and it’s definitely noticeably slower. I checked the parallel queries box as someone mentioned above and I think it made an ever so slight difference, but I think the major bottleneck is the upstream DNS server. Switching from the default https://dns10.quad9.net/dns-query that AGH provides to 1.1.1.1 (cloudflare… unencrypted, I’m assuming) gave my browsing speed/page loading a MASSIVE boost and a few essential sites I frequent that weren’t working before- a major US bank login for instance- are now working fine.
It might be a good idea to add some ‘practical defaults’ to this plugin… most people using this are probably just using 1.1.1.1 or their ISP default anyway and just want basic ad blocking.
Update
It doesn’t work anymore unfortunately @frits1980
I also tried what you’ve done @zeeeko but that didn’t do it either.
It’s really annoying that it doesn’t work with AGH while it worked perfectly fine with PiHole…
Using a DoH upstream over regular DNS will be slower in most cases since there’s a lot of overhead. However, it shouldn’t be recognizable by humans, only by numbers. Enabling parallel queries only makes sense if you define more than one upstream. It can result in better performance while producing more bloat.
There seems to be a design flaw with your setup which might be the cause of your issue:
You point your router’s DNS back into your own network. Consider having your router use its regular peer DNS from your ISP but have your DHCP hand out your local adguard DNS servers to its clients. To ensure local DNS resolution, leave the DNS service on your router running and add a rule to adguard to forward these requests to the router (usually the device that runs your DHCP can resolve local hostnames). Example rule:
Try a couple of setups and test response time with tools like namebench or dig.
As a sidenote:
I would say most people are better off using their ISPs peer DNS as upstream since they usually have the better response time and your ISP is aware of your DNS foo anyway. So there’s little privacy improvements with DoH without SNI being widely used. In fact you add another party to your whole DNS resolution game.
Martin, I’ve also been having performance issues since moving to Adguard Home from Pi-Hole.
I’d like to give the method you’ve mentioned a try, because it sounds very logical. Can you elaborate specifically on how/where to add these rules to Adguard? My local network is 192.168.1.1.
internal.redacted.org is the internal domain I set on my router/dhcp. So hosts within my networks go like hostname.internal.redacted.org. The 1st rule in the beginning ensures that adguard does not forward dns queries for local hostnames (*.internal.redacted.org) to the internet, but rather asks the router while the second rule does the same but for my local IP subnets (reverse lookups).
Let’s say your setup is similar but with slightly different IP ranges and another hostname.
router: 192.168.1.1
DHCP range: 192.168.1.100 - 254
local domain: shitz.box
What’s the value of your Average Processing time? It’s on the landing page in the general statistics. Do you use the integration as well or just the addon? If you use the integration please turn it off to get a comparison.
I haven’t been able to get this working. Do I need to have Adguard handling DHCP? I ordinarily have my router handling this, but I’m not sure how to tell DHCP clients to look to my Pi for DNS lookups instead of my router.
It’s a setting in the DHCP options of your router. It differs from vendor to vendor but I’m certain every router with DHCP function is able to provide DHCP option 6 to the clients. What router model do you have? I can help you find the setting.
Be aware that changing the setting will take effect once the clients renew their DHCP lease, in other words it will take some time.
I have a Netgear R6400. If it has the option 6 you mention, I haven’t been able to find it. Under DHCP, all I can do is give a starting and ending IP address range, and add address reservations.
Hmm, in fact this router always sends its own IP address as DNS server. From the manual:
In that case you either set your clients manually, disable DHCP on the router and enable DHCP in AGH or set the DNS of the router to your internal ones, which I mentioned is not optimal but possible. I’d say use AGH as DHCP and disable it on the router. However if you use vlans and the guest wifi of the router, option 3 is the only way to go. Test both see what performs best for you.
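
The per-domain forwarding described earlier in the thread (local hostnames and reverse lookups answered by the router, everything else sent upstream), written out for the example network given there (router 192.168.1.1, local domain shitz.box). This is an added example, not a rule posted by anyone in the thread; it uses AdGuard Home's `[/domain/]upstream` syntax for the "Upstream DNS servers" field, and 1.1.1.1 as the general upstream is an assumption borrowed from an earlier post.

```text
# Added example for the "Upstream DNS servers" field (Settings -> DNS settings).
# Assumed network from the thread: router/DHCP at 192.168.1.1, local domain shitz.box.

# Names under the local domain are answered by the router and never leave the LAN.
[/shitz.box/]192.168.1.1

# Reverse (PTR) lookups for 192.168.1.0/24 also go to the router.
[/1.168.192.in-addr.arpa/]192.168.1.1

# Everything else goes to the general upstream (assumption: plain DNS to 1.1.1.1).
1.1.1.1
```

With the two scoped entries in place, internal hostnames and address-to-name lookups are not disclosed to the public resolver, and `dig @<AdGuard IP> hostname.shitz.box` should return the router's answer.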