What's new

Unbound DHCP DNS same as WAN DNS based on merlin-dns-monitor.sh

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

salvo

Regular Contributor
Hello, I am looking for help from the community regarding the correctness of the router/unbound DNS resolver setup.

Based on the merlin-dns-monitor.sh script, my current router (AX86U, 3004.388.7) is set up correctly in terms of clients to use the router's local DNS resolver (Unbound) or DNS director rules in terms of VPN network 192.168.5.X clients. Generally DNS traffic goes to the router IP address 192.168.1.59, which resolves DNS requests. However, my PUBLIC router IP x.x.x.x seems to be communicating with many different servers, even though the WAN DNS IP is set to 8.8.8.8 and 1.1.1.1 on WAN settings. Also, the DHCP DNS seems to be 8.8.8.8 and 1.1.1.1, but there are no values in LAN DNS and WINS Server Setting so I'm not sure of the correctness of these values.

Note: Not sure if this is related by my 5G modem that is connected to router WAN is set to IP passthrough mode to pass public IP x.x.x.x to router.

1.) Shouldn't the public IP x.x.x.x of the router only communicate with 8.8.8.8 or 1.1.1 in terms of the DNS requests ?
2.) Shouldn't the DHCP DNS be 127.0.0.1 or 192.168.1.59 ?

Thanks for help or any hints how to resolve x.x.x.x WAN router IP only to WAN DNS IP servers (8.8.8.8 or 1.1.1.1).

Code:
regis@RT-AX86U-3E18:/jffs/scripts# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# cat /tmp/resolv.dnsmasq
server=8.8.8.8
server=1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# cat /tmp/resolv.conf
nameserver 8.8.8.8
nameserver 1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# grep "^server" /etc/dnsmasq.conf
server=127.0.0.1#53535
regis@RT-AX86U-3E18:/jffs/scripts#

EDIT: my interpretation of the dns script output was wrong and once I configured Unbound via VPN, the PUBLIC IP only shows 8.8.8.8 DNSc which was/is OK. So all (red) requests from PUBLIC IP x.x.x to upstream servers were done by UNBOUND, but not as I expected as LOCAL IP (192.168.1.59).

UNBOUND via WAN / PUBLIC IP
Screenshot 2024-05-04 121548.png


UNBOUND via VPN / VPN IP
1715082257935.png
 
Last edited:

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top