DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. Simply it turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks (MITM) DNS spoofing occurs when a particular DNS server’s records of “spoofed” or altered maliciously to redirect traffic to the attacker.
Now for the longest time like many others on the net have been wanting to get DNSCrypt working on their routers. One of those limitations has been it has been due to processing power on local home/small office routers. In DD-WRT you need to enable dnsmasq.
Once you have enabled this the next step is you need to go to the administration tab if you notice its not functioning and run the following start-up command:
dnscrypt-proxy -a 127.0.0.53:5353 -R cs-dk -L /etc/dnscrypt/dnscrypt-resolvers.csv
Click here view your selection of DNS servers worldwide running DNSCrypt.