Hello, I am looking for help from the community regarding the correctness of the router/unbound DNS resolver setup.
Based on the merlin-dns-monitor.sh script, my current router (AX86U, 3004.388.7) is set up correctly in terms of clients to use the router's local DNS resolver (Unbound) or DNS director rules in terms of VPN network 192.168.5.X clients. Generally DNS traffic goes to the router IP address 192.168.1.59, which resolves DNS requests. However, my PUBLIC router IP x.x.x.x seems to be communicating with many different servers, even though the WAN DNS IP is set to 8.8.8.8 and 1.1.1.1 on WAN settings. Also, the DHCP DNS seems to be 8.8.8.8 and 1.1.1.1, but there are no values in LAN DNS and WINS Server Setting so I'm not sure of the correctness of these values.
Note: Not sure if this is related, but my 5G modem that is connected to the router WAN is set to IP passthrough mode to pass public IP x.x.x.x to the router.
1.) Shouldn't the public IP x.x.x.x of the router only communicate with 8.8.8.8 or 1.1.1 in terms of the DNS requests?
2.) Shouldn't the DHCP DNS be 127.0.0.1 or 192.168.1.59?
Thanks for help or any hints how to resolve x.x.x.x WAN router IP only to WAN DNS IP servers (8.8.8.8 or 1.1.1.1).
Code:
regis@RT-AX86U-3E18:/jffs/scripts# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# cat /tmp/resolv.dnsmasq
server=8.8.8.8
server=1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# cat /tmp/resolv.conf
nameserver 8.8.8.8
nameserver 1.1.1.1
regis@RT-AX86U-3E18:/jffs/scripts# grep "^server" /etc/dnsmasq.conf
server=127.0.0.1#53535
regis@RT-AX86U-3E18:/jffs/scripts#
EDIT: my interpretation of the dns script output was wrong and once I configured Unbound via VPN, the PUBLIC IP only shows 8.8.8.8 DNSc which was/is OK. So all (red) requests from PUBLIC IP x.x.x to upstream servers were done by UNBOUND, but not as I expected as LOCAL IP (192.168.1.59).
UNBOUND via WAN / PUBLIC IP
UNBOUND via VPN / VPN IP