What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Network Tools > Network Analysis > Method. Choose nslookup from drop down tab
 
FWIW, I too am running Unbound and get 1.1.1.1 when I check with nslookup.
 
This is what I see, is this ok? Everything vanilla


total.num.queries=162767
total.num.zero_ttl=3175
total.requestlist.exceeded=0
total.tcpusage=0
total.num.queries_ip_ratelimited=0
total.num.recursivereplies=1903
total.requestlist.current.all=0
msg.cache.count=2741
total.num.cachehits=160864
total.requestlist.avg=0.949339
total.requestlist.current.user=0
rrset.cache.count=7039
total.num.cachemiss=1903
total.requestlist.max=23
total.recursion.time.avg=0.073939
infra.cache.count=1907
total.num.prefetch=2558
total.requestlist.overwritten=0
total.recursion.time.median=0.0269534
key.cache.count=390

Summary: Cache Hits success=98.00%
 
How did you get the “Run Command” tab under Tools? Does this come with the Unbound installation?


Sent from my iPhone using Tapatalk

No. That is a very old RMerlin code addition that was deemed too high a security risk and removed in later firmware.
 
I'm on 384.15. The run command was always there.
So, is this normal when I nslookup from my router?

What router?

I think your router may need an M&M Config to get to a current state of firmware/variables. :)
 
I've installed unbound, statistics say I have a 97% hit ratio.
When I run nslookup on the router, it returns 1.1.1.1 as DNS.
Is this normal? I've set 1.1.1.1 as DNS in WAN settings (DoT, strict profile)
I was seeing that in my testing as well. I think the cause is when the following option in tools -> other settings is disabled:

upload_2020-2-16_21-20-9.png


If enabled, then nslookup uses 127.0.0.1.
 
Is this good or bad?
Should I leave 1.1.1.1 for the router to resolve correctly after a reboot or enable local caching DNS server as system resolver?
What's "better"?
 
I was seeing that in my testing as well. I think the cause is when the following option in tools -> other settings is disabled:

View attachment 21427

If enabled, then nslookup uses 127.0.0.1.
That's how I have mine setup. It's awesome. @dave14305 said a while ago, that having this enabled won't hurt unbound in any way.
 
Then why isn't this part of the pre-reqs check in unbound_manager installer?
 
Last edited:
Then why isn't this part of the installer?
To check this option?
Because for most people the defaults are enough, this was written to be easy to use by anyone, without the need for too much router experience.
 
Then why isn't this part of the installer?
To check this option?
Oh look it already is on supported routers :rolleyes::rolleyes:

upload_2020-2-16_15-45-8.png


P.S. Why can't you name the router/firmware you are using?

Is it ILLEGAL perchance?
 
Last edited:
P.S. Why can't you name the router/firmware you are using?
Is it ILLEGAL perchance?
I'm not allowed to say this here, if you understand what I mean.
I've venture a guess that it is based on their previous comment. :eek:
Edit: two comments in sentence....Need more coffee....
 
Last edited:
After uninstalling Unboud (just for test purposes) Working great! (I’ve router in VPN mode) nslookup from router will show 1.1.1.1. without the dns local caching setting with DOT enabled. I did a tcdump on port 853, my wan dns one.one.one.one gets hit with DNS from WAN (not automatic) but not on port 853. To my knowledge 853 wil be hit with DOT enabled. But it doesn't, only when I use local caching and do a tcdump on port 853. Is this due to the uninstall of unbound or working as intended? Im leaving local caching on for now.
 
This is what I see, is this ok? Everything vanilla


total.num.queries=162767
total.num.zero_ttl=3175
total.requestlist.exceeded=0
total.tcpusage=0
total.num.queries_ip_ratelimited=0
total.num.recursivereplies=1903
total.requestlist.current.all=0
msg.cache.count=2741
total.num.cachehits=160864
total.requestlist.avg=0.949339
total.requestlist.current.user=0
rrset.cache.count=7039
total.num.cachemiss=1903
total.requestlist.max=23
total.recursion.time.avg=0.073939
infra.cache.count=1907
total.num.prefetch=2558
total.requestlist.overwritten=0
total.recursion.time.median=0.0269534
key.cache.count=390

Summary: Cache Hits success=98.00%


Looks good to me.
98%, woo hoo!:)
 
Unbound is a game changer for me. I love it :)

My config is as follows. Installed Skynet->Unbound+AdBlock->scribe. Latest Merlin 384.15. Running OpenVPN client with DNS Disabled, Policy Rule and Kill Switch.
On WAN tab I have DNS Privacy enabled -> Strict. (Quad9 servers)

Upon initial setup everything was working fine and DNS Leak would show my router IP as DNS. When I restarted the router with this configuration VPN client did not connect on startup, when started manually DNS leak shows my DNS Privacy servers; and that made we wonder.

FIX
1. WAN tab disable DNS Privacy
2. WAN tab under DNS Server 1 I specified 9.9.9.9 (quad9)
3. Make sure you follow all requirements and settings for Unbound. DNS Filter, DNS SEC disabled.

Restarted the router and it all works fine.
 
Last edited by a moderator:
I disabled Unbound in Unbound_manager and now I want to start it again, but I can't see how to restart Unbound
 
Is there any documentation about the adblocker configuration or where do we change the host file that is downloaded?
Any help would be appreciated. I am trying to understand and learn more about unbound and included adblocker.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top