Unbound Unbound Selectively Kills WAN connections

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Sean Rhodes

Regular Contributor
I'm running Merlin 384.13_10 on an AC3200, with amtm, diversion, x3mRouting, plus several of the other plug-ins/scripts installed, and I decided to install unbound last night. As soon as I had it running, it essentially killed all connections to the internet, I'm assuming it was the dns that was messed up.
I completely uninstalled everything, and disabled dnsmasq in the gui and power cycled.
When the router came back online, only my windows PC would connect to the web, both the iMac and macbook air refused to connect.
The only thing I could do was a nuclear reset and reload everything. I know that both diversion and x3mRouting both use the dnsmasq feature, but I don't understand how they are all interacting, so I don't know if there's a script conflict, or if unbound added something that broke the dns.
Has anyone seen anything similar to this, or can anyone give me some pointers on how to figure out what is going on, I didn't save the syslog unfortunately, but didn't see anything that stood out.
 

dave14305

Part of the Furniture
What do you mean when you say you "disabled dnsmasq in the gui"? dnsmasq and Unbound can co-exist and it's a good baseline setup.
 

Sean Rhodes

Regular Contributor
What do you mean when you say you "disabled dnsmasq in the gui"? dnsmasq and Unbound can co-exist and it's a good baseline setup.
I had the enable dns based filtering set to on for unbound, and then set it back to its original off state after uninstalling unbound
 

Xentrk

Part of the Furniture
I'm running Merlin 384.13_10 on an AC3200, with amtm, diversion, x3mRouting, plus several of the other plug-ins/scripts installed, and I decided to install unbound last night. As soon as I had it running, it essentially killed all connections to the internet, I'm assuming it was the dns that was messed up.
I completely uninstalled everything, and disabled dnsmasq in the gui and power cycled.
When the router came back online, only my windows PC would connect to the web, both the iMac and macbook air refused to connect.
The only thing I could do was a nuclear reset and reload everything. I know that both diversion and x3mRouting both use the dnsmasq feature, but I don't understand how they are all interacting, so I don't know if there's a script conflict, or if unbound added something that broke the dns.
Has anyone seen anything similar to this, or can anyone give me some pointers on how to figure out what is going on, I didn't save the syslog unfortunately, but didn't see anything that stood out.
dnsmasq logging is required if using the dnsmasq feature of x3mRouting.

I install unbound from time to time to test the integration with x3mRouting. I did so a few days ago. In an earlier version, there was an option to still use dnsmasq. I did not see it displayed this last time. But I can tell it's working by looking at the dnsmasq log file after accessing netflix.com in a browser.

grep ipset /opt/var/log/dnsmasq.log

Code:
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.91.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.90.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.91.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.90.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.91.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.90.1 assets.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.90.1 codex.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.91.1 codex.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.91.1 codex.nflxext.com
Nov 19 08:28:26 dnsmasq[29661]: ipset add NETFLIX-DNS 45.57.90.1 codex.nflxext.com
 

Sean Rhodes

Regular Contributor
I have all the amtm scripts installed except for the QOS ones, Yazi, conmon, dnscrypt and unbound. Everything works under this scenario, but if I install dnscrypt or unbound, it kills my network for some reason. I assume that they do something to the dnsmasq, but both diversion and x3mRouting don't cause any issues.
I guess my question is, is there a way to install unbound in steps and test the router after each step to see where its breaking down, or is there a writeup somewhere to show exactly what is being changed, so when I try to re-install, I can reverse the changes if I need to?
Essentially I would want to port the log file to review, or maybe echo out the results of each script instruction
 

L&LD

Part of the Furniture

Sean Rhodes

Regular Contributor
What order are you installing scripts in?

Order of installing popular scripts | SmallNetBuilder Forums

Except for the now outdated and superseded FreshJR QoS script (use FlexQoS instead), that list is still relevant for 'what order', today.
Thanks L&LD, that could be my issue then. I installed x3mRouting, uiDivStats, scribe, uiScribe and spdMerlin all prior to Unbound. I think I will leave until the weekend and perform a factory reset and jffs & usb re-format and partition as opposed to uninstalling and re-installing the amtm features, that way I know there are no left overs
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top