mirrors
/
AdGuardHome
mirror of https://github.com/AdguardTeam/AdGuardHome.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Pull request: clients: imp fmt, add subdomain info 

Merge in DNS/adguard-home-wiki from clients-cert to master

Squashed commit of the following:

commit b11c99d0fc87f12437e4db358c529baa520e1c19
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Fri Feb 12 14:46:28 2021 +0300

    clients: imp fmt, add subdomain info
Ainar Garipov 2021-02-12 14:50:22 +03:00
parent a8714dd875
commit 852b7a2a98
1 changed files with 24 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
Clients.md

@ -45,22 +45,30 @@ First of all, you need to decide how you would like to identify the client.
There are several options to do this. There are several options to do this.
1. **IP address** - for instance, `192.168.0.1`. This is the easiest 1. **IP address**. For instance, `192.168.0.1`. This is the easiest way to do
way to do this, but it may be not good enough if the IP address changes too often. this, but it may be not good enough if the IP address changes too often.
2. **CIDR range** - for instance, `192.168.0.1/24`. Allows attributing a 2. **CIDR range**. For instance, `192.168.0.1/24`. Allows attributing a whole
whole range of IP addresses (in the example it is `192.168.0.*`) to the same client. range of IP addresses (in the example it is `192.168.0.*`) to the same
3. **MAC address** - using MAC as a client identifier is only possible when client.
AdGuard Home works as a [DHCP server](DHCP). 3. **MAC address**. Using MAC as a client identifier is only possible when
4. **Client ID** - *(added in v0.105)* this method is supposed to be used for encrypted DNS protocols AdGuard Home works as a [DHCP server](DHCP).
(DoH, DoT or DoQ). Once this identifier is used, you can use a special domain 4. **Client ID** *(added in v0.105)*. This method is supposed to be used for
name while configuring your client. Here's an example: encrypted DNS protocols (DoH, DoT or DoQ). Once this identifier is used,
* AdGuard Home domain name `example.org`. you can use a special domain name while configuring your client. Here's an
example:
* AdGuard Home has the domain name `example.org`.
* In AdGuard Home you add a client with the client ID `my-client`. * In AdGuard Home you add a client with the client ID `my-client`.
* On the client device you can now configure: * On the client device you can now configure:
* `DNS-over-HTTPS`: `https://example.org/dns-query/my-client` * `DNS-over-HTTPS`: `https://example.org/dns-query/my-client`
* `DNS-over-TLS`: `tls://my-client.example.org` (requires a [Wildcard certificate](https://en.wikipedia.org/wiki/Wildcard_certificate)) * `DNS-over-TLS`: `tls://my-client.example.org` (requires a [Wildcard certificate](https://en.wikipedia.org/wiki/Wildcard_certificate))
* `DNS-over-QUIC`: `quic://my-client.example.org` (requires a [Wildcard certificate](https://en.wikipedia.org/wiki/Wildcard_certificate)) * `DNS-over-QUIC`: `quic://my-client.example.org` (requires a [Wildcard certificate](https://en.wikipedia.org/wiki/Wildcard_certificate))
Note that the certificate for TLS and QUIC client IDs must be valid **both**
for `*.example.org` **and** `example.org`.
### <a id="clientsettings" href="#clientsettings">Settings</a> ### <a id="clientsettings" href="#clientsettings">Settings</a>