root@red_viper:~# opkg update
root@red_viper:~# opkg install dnscrypt-proxy

...
        option address         '127.0.0.1'
        option port            '2053'
...

root@red_viper:~# cat /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
Name,Full name,Description,Location,Coordinates,URL,Version,DNSSEC validation,No logs,Namecoin,Resolver address,Provider name,Provider public key,Provider public key TXT record
cloudns-can,CloudNS Canberra,"CloudNS is an Australian based security focused DNS provider.","Canberra, AU",,https://cloudns.com.au,1.0,yes,yes,yes,113.20.6.2:443,2.dnscrypt-cert.cloudns.com.au,1971:7C1A:C550:6C09:F09B:ACB1:1AF7:C349:6425:2676:247F:B738:1C5A:243A:C1CC:89F4,
cloudns-syd,CloudNS Sydney,"CloudNS is an Australian based security focused DNS provider.","Sydney, AU",,https://cloudns.com.au,1.0,yes,yes,yes,113.20.8.17:443,2.dnscrypt-cert-2.cloudns.com.au,67A4:323E:581F:79B9:BC54:825F:54FE:1025:8B4F:37EB:0D07:0BCE:4010:6195:D94F:E330,
d0wn-fr-ns1,First d0wn server in France,"Server provided by Martin 'd0wn' Albus",France,,https://dns.d0wn.biz,1.0,no,yes,no,188.165.25.65:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-fr-ns2,Second d0wn server in France,"Server provided by Martin 'd0wn' Albus",France,,https://dns.d0wn.biz,1.0,no,yes,no,37.187.0.40:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-im-ns1,d0wn server in Isle of Man,"Server provided by Martin 'd0wn' Albus",Isle of Man,,https://dns.d0wn.biz,1.0,no,yes,no,37.235.55.197:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-li-ns1,d0wn server in Lichtenstein,"Server provided by Martin 'd0wn' Albus",Lichtenstein,,https://dns.d0wn.biz,1.0,no,yes,no,88.82.108.30:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-nl-ns1,First d0wn server in Netherlands,"Server provided by Martin 'd0wn' Albus",Netherlands,,https://dns.d0wn.biz,1.0,no,yes,no,95.85.9.86:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-nl-ns2,Second d0wn server in Netherlands,"Server provided by Martin 'd0wn' Albus",Netherlands,,https://dns.d0wn.biz,1.0,no,yes,no,31.220.27.46:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-ro-ns1,First d0wn server in Romania,"Server provided by Martin 'd0wn' Albus",Romania,,https://dns.d0wn.biz,1.0,no,yes,no,89.46.222.115:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-ro-ns2,Second d0wn server in Romania,"Server provided by Martin 'd0wn' Albus",Romania,,https://dns.d0wn.biz,1.0,no,yes,no,89.46.222.116:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
d0wn-sg-ns1,d0wn server in Singapore,"Server provided by Martin 'd0wn' Albus",Singapore,,https://dns.d0wn.biz,1.0,no,yes,no,128.199.248.105:54,2.dnscrypt-cert.d0wn.biz,F64D:AECA:A8AA:E31D:3896:8A93:1D96:EB54:9D70:CE57:A439:58B0:7685:6960:044B:EA62,
dnscrypt.eu-dk,DNSCrypt.eu Denmark,"Free, non-logged, uncensored. Hosted by Netgroup.",Denmark,,https://dnscrypt.eu,1.0,yes,yes,no,77.66.84.233:443,2.dnscrypt-cert.resolver2.dnscrypt.eu,3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955,pubkey.resolver2.dnscrypt.eu
dnscrypt.eu-dk-ipv6,DNSCrypt.eu Denmark over IPv6,"Free, non-logged, uncensored. Hosted by Netgroup.",Denmark,,https://dnscrypt.eu,1.0,yes,yes,no,[2001:1448:243::dc2]:443,2.dnscrypt-cert.resolver2.dnscrypt.eu,3748:5585:E3B9:D088:FD25:AD36:B037:01F5:520C:D648:9E9A:DD52:1457:4955:9F0A:9955,pubkey.resolver2.dnscrypt.eu
dnscrypt.eu-nl,DNSCrypt.eu Holland,"Free, non-logged, uncensored. Hosted by RamNode.",Netherlands,,https://dnscrypt.eu,1.0,yes,yes,no,176.56.237.171:443,2.dnscrypt-cert.resolver1.dnscrypt.eu,67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66,pubkey.resolver1.dnscrypt.eu
dnscrypt.eu-nl-ipv6,DNSCrypt.eu Holland over IPv6,"Free, non-logged, uncensored. Hosted by RamNode.",Netherlands,,https://dnscrypt.eu,1.0,yes,yes,no,[2a00:d880:3:1::a6c1:2e89]:443,2.dnscrypt-cert.resolver1.dnscrypt.eu,67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66,pubkey.resolver1.dnscrypt.eu
okturtles,okTurtles,For a surveillance-free world. HTTPS is broken. DNSChain fixes it.,"Georgia, US","33.032501, -83.895699",http://okturtles.com/,1.0,no,yes,yes,23.226.227.93:443,2.dnscrypt-cert.okturtles.com,1D85:3953:E34F:AFD0:05F9:4C6F:D1CC:E635:D411:9904:0D48:D19A:5D35:0B6A:7C81:73CB,
opendns,OpenDNS,The world’s largest internet security network,Anycast,,http://www.opendns.com,1.0,no,no,no,208.67.220.220:443,2.dnscrypt-cert.opendns.com,B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79,
opendns-familyshield,OpenDNS with FamilyShield,Blocks web sites not suitable for children,Anycast,,http://www.opendns.com/home-internet-security/parental-controls/,1.0,no,no,no,208.67.220.220:443,2.dnscrypt-cert.opendns.com,B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79,
opendns-ipv6,OpenDNS over IPv6,OpenDNS IPv6 sandbox,Anycast,,http://www.opendns.com/about/innovations/ipv6/,1.0,no,no,no,[2620:0:ccc::2]:443,2.dnscrypt-cert.opendns.com,B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79,
opennic-ca-ns3,OpenNIC server ns3.ca,"OpenNIC server in Canada provided by NovaKing",Canada,,http://www.opennicproject.org,1.0,no,yes,no,142.4.204.111:443,2.dnscrypt-cert.ns3.ca.dns.opennic.glue,1C19:7933:1BE8:23CC:CF08:9A79:0693:7E5C:3410:2A56:AC7F:6270:E046:25B2:EDDB:04E3,
opennic-ca-ns3-ipv6,OpenNIC server ns3.ca over IPv6,"OpenNIC server in Canada provided by NovaKing",Canada,,http://www.opennicproject.org,1.0,no,yes,no,[2607:5300:60:47aa:142:4:204:111]:443,2.dnscrypt-cert.ns3.ca.dns.opennic.glue,1C19:7933:1BE8:23CC:CF08:9A79:0693:7E5C:3410:2A56:AC7F:6270:E046:25B2:EDDB:04E3,
opennic-ca-ns4,OpenNIC server ns4.ca,"OpenNIC server in Canada provided by NovaKing",Canada,,http://www.opennicproject.org,1.0,no,yes,no,142.4.205.47:443,2.dnscrypt-cert.ns4.ca.dns.opennic.glue,12FA:EC04:3489:B374:B973:CA7C:827F:D7FA:033F:D280:8641:F2F1:430A:E5DC:6068:42B8,
opennic-ca-ns4-ipv6,OpenNIC server ns4.ca over IPv6,"OpenNIC server in Canada provided by NovaKing",Canada,,http://www.opennicproject.org,1.0,no,yes,no,[2607:5300:60:47aa:142:4:205:47]:443,2.dnscrypt-cert.ns4.ca.dns.opennic.glue,12FA:EC04:3489:B374:B973:CA7C:827F:D7FA:033F:D280:8641:F2F1:430A:E5DC:6068:42B8,
opennic-jp-ns2,OpenNIC server ns2.jp,"OpenNIC server in Japan provided by Guillaume Parent",Japan,,http://www.opennicproject.org,1.0,no,yes,no,106.186.17.181:2053,2.dnscrypt-cert.ns2.jp.dns.opennic.glue,8768:C3DB:F70A:FBC6:3B64:8630:8167:2FD4:EE6F:E175:ECFD:46C9:22FC:7674:A1AC:2E2A,
opennic-jp-ns3-ipv6,OpenNIC server ns3.jp over IPv6,"OpenNIC server in Japan provided by Guillaume Parent",Japan,,http://www.opennicproject.org,1.0,no,yes,no,[2400:8900::f03c:91ff:fe70:c452]:2053,2.dnscrypt-cert.ns2.jp.dns.opennic.glue,8768:C3DB:F70A:FBC6:3B64:8630:8167:2FD4:EE6F:E175:ECFD:46C9:22FC:7674:A1AC:2E2A,
opennic-uk-ns10,OpenNIC server ns10.uk,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,185.19.105.14:443,2.dnscrypt-cert.ns10.uk.dns.opennic.glue,B1AB:7025:1119:9AEE:E42E:1B12:F2EF:12D4:53D9:CD92:E07B:9AF4:4794:F6EB:E5A4:F725,
opennic-uk-ns10-ipv6,OpenNIC server ns10.uk over IPv6,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,[2a04:1400:1337:2000::14]:443,2.dnscrypt-cert.ns10.uk.dns.opennic.glue,B1AB:7025:1119:9AEE:E42E:1B12:F2EF:12D4:53D9:CD92:E07B:9AF4:4794:F6EB:E5A4:F725,
opennic-uk-ns8,OpenNIC server ns8.uk,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,185.19.104.45:443,2.dnscrypt-cert.ns8.uk.dns.opennic.glue,A17C:06FC:BA21:F2AC:F4CD:9374:016A:684F:4F56:564A:EB30:A422:3D9D:1580:A461:B6A6,
opennic-uk-ns8-ipv6,OpenNIC server ns8.uk over IPv6,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,[2a04:1400:1337:1534::45]:443,2.dnscrypt-cert.ns8.uk.dns.opennic.glue,A17C:06FC:BA21:F2AC:F4CD:9374:016A:684F:4F56:564A:EB30:A422:3D9D:1580:A461:B6A6,
opennic-uk-ns9,OpenNIC server ns9.uk,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,185.19.105.6:443,2.dnscrypt-cert.ns9.uk.dns.opennic.glue,E864:80D9:DFBD:9DB4:58EA:8063:292F:EC41:9126:8394:BC44:FAB8:4B6E:B104:8C3B:E0B4,
opennic-uk-ns9-ipv6,OpenNIC server ns9.uk over IPv6,"OpenNIC server in UK provided by NovaKing",UK,,http://www.opennicproject.org,1.0,no,yes,no,[2a04:1400:1337:2000::6]:443,2.dnscrypt-cert.ns9.uk.dns.opennic.glue,E864:80D9:DFBD:9DB4:58EA:8063:292F:EC41:9126:8394:BC44:FAB8:4B6E:B104:8C3B:E0B4,
opennic-us-ca-ns17,OpenNIC server ns17.ca.us,"OpenNIC server in California provided by Philip Southam","Fremont, CA, US",,http://www.opennicproject.org,1.0,no,yes,no,173.230.156.28:443,2.dnscrypt-cert.ns17.ca.us.dns.opennic.glue,2342:215C:409A:85A5:FB63:2A3B:42CD:5089:6BA8:551A:8BDC:2654:CF57:804F:B1B2:5019,
opennic-us-ca-ns17-ipv6,OpenNIC server ns17.ca.us over IPv6,"OpenNIC server in California provided by Philip Southam","Fremont, CA, US",,http://www.opennicproject.org,1.0,no,yes,no,[2600:3c01::f03c:91ff:fe6e:1f6b]:443,2.dnscrypt-cert.ns17.ca.us.dns.opennic.glue,2342:215C:409A:85A5:FB63:2A3B:42CD:5089:6BA8:551A:8BDC:2654:CF57:804F:B1B2:5019,
soltysiak,Soltysiak,Public DNSCrypt server in Poland,Poland,"52.4014619, 16.9278078",http://dc1.soltysiak.com/,1.0,yes,yes,yes,178.216.201.222:2053,2.dnscrypt-cert.soltysiak.com,25C4:E188:2915:4697:8F9C:2BBD:B6A7:AFA4:01ED:A051:0508:5D53:03E7:1928:C066:8F21,pubkey.dc1.soltysiak.com

#       option resolvfile '/tmp/resolv.conf.auto'
        option noresolv '1'
        list server '127.0.0.1#2053'
        list server '/pool.ntp.org/208.67.222.222'

root@red_viper:~# /etc/init.d/dnsmasq restart
root@red_viper:~# logread
...
Wed Aug 20 13:33:43 2014 daemon.info dnsmasq[1591]: using nameserver 208.67.222.222#53 for domain pool.ntp.org
Wed Aug 20 13:33:43 2014 daemon.info dnsmasq[1591]: using nameserver 127.0.0.1#2053
...

root@red_viper:~# ping wp.pl
ping: bad address 'wp.pl'
root@red_viper:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=44 time=58.543 ms
64 bytes from 8.8.8.8: seq=1 ttl=44 time=59.077 ms
64 bytes from 8.8.8.8: seq=2 ttl=44 time=59.445 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 58.543/59.021/59.445 ms

root@red_viper:~# /etc/init.d/dnscrypt-proxy enable
root@red_viper:~# /etc/init.d/dnscrypt-proxy start

root@red_viper:~# ping wp.pl
PING wp.pl (212.77.100.101): 56 data bytes
64 bytes from 212.77.100.101: seq=0 ttl=248 time=17.292 ms
64 bytes from 212.77.100.101: seq=1 ttl=248 time=14.011 ms
64 bytes from 212.77.100.101: seq=2 ttl=248 time=15.858 ms
^C
--- wp.pl ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 14.011/15.720/17.292 ms

config dhcp 'lan'
...
        list 'dhcp_option' '6,192.168.1.1'

morfik:~$ dig debug.opendns.com txt

; <<>> DiG 9.9.5-4-Debian <<>> debug.opendns.com txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55507
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;debug.opendns.com.             IN      TXT

;; ANSWER SECTION:
debug.opendns.com.      0       IN      TXT     "server 1.wrw"
debug.opendns.com.      0       IN      TXT     "flags 20 0 2F6 0"
debug.opendns.com.      0       IN      TXT     "originid 22970815"
debug.opendns.com.      0       IN      TXT     "actype 2"
debug.opendns.com.      0       IN      TXT     "bundle 6114579"
debug.opendns.com.      0       IN      TXT     "source 77.88.100.90:63983"
debug.opendns.com.      0       IN      TXT     "dnscrypt enabled (713471645A4D3317)"

;; Query time: 14 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Aug 20 13:52:18 CEST 2014
;; MSG SIZE  rcvd: 265