Unbound Internet (likely DNS?) drops randomly when OVPN is On

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

ascent

Occasional Visitor
Putting this here with the Unbound tag since I think it may be a problem with Unbound or the settings I am using with Unbound and/or the OVPN client.

With OVPN on and having my connected devices go over that VPN via policy rules, I've been having a problem lately where my internet connection fails randomly (sometimes one time per day, multiple times per day, or not for several weeks). By turning OVPN off, it fixes the problem. Usually if I wait a while to turn OVPN back on it's working again.

Before this started happening, everything's been running fine for quite a while and don't think I've made any changes since it started giving me issues. Here's what I'm running:
  • Merlin 386.1-2
  • Diversion
  • Unbound
  • x3mrouting (although I don't think I'm really utilizing this right now)
  • VPN Client 1 (On)
  • Using mostly default settings provided my my VPN service
  • Accept DNS configuration (Disabled)
  • Policy Rules - strict
  • WAN DNS setting - connect to DNS server automatically (No)
  • DNS server 1 (1.1.1.1)
  • DNS server 2 (1.0.0.1)
  • DNS privacy protocol (none)
  • DNS filter (On)
  • Global filter mode (router)
Any other settings that are needed to help answer my problem?

I was wondering if I need to do some updates in amtm/unbound or if some of my router settings need to be changed.

One other thing, a while back I attempted to install the scripts here ( https://www.snbforums.com/threads/unbound-dns-vpn-client-w-policy-rules.67370/ ) and had it working well but sort of gave me the same issue (my DNS leak test would randomly revert back to my local IP rather than the VPN). So for now I disabled those scripts, but maybe the problems are related?
 

chongnt

Senior Member
Since it has been working and only happen at random, I would suspect this is something to do with vpn provider. When you turn back OVPN do you connect back to the same server?

I have been using swinson’s scripts and it has been working fine. Now that you have temporarily disabled the script meaning unbound resolution will bypass your vpn connection and go through your WAN connection directly.

What I can think of to isolate the cause of your problem is do the following when your internet is broken:
SSH into router,
1. dig google.com
This check your WAN connection and your router DNS. In your case is 1.1.1.1 or 1.0.0.1

2. dig @127.0.0.1 -p 53535 google.com
This check unbound DNS if it is working via WAN. If you get the address resolution from the output mean unbound is working correctly.

3. In your pc that is routed through VPN, run
nslookup google.com or dig google.com depending on your OS. This will tell if your machine is getting the address resolution from unbound.

4. In your pc, ping google.com. This will go through your vpn connection. If only your vpn server side is acting up, this will failed.

Edit: by the way, there is a discussion on a script by Matineau that can trigger vpn failover.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top