Menu
What's new
By:
Filters Better Search

Unbound Understanding Unbound...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

chongnt said:
Glad that it works. But with a little caveat. If you only have one ovpn client then it works fine. If someone has more that one ovpn client, then it may not work very well. For example, the last one that come up will have unbound bind over it; or any one ovpn client went down, it may cause unbound route back on WAN etc. We don't have the flexibility of the individual route-up/route-pre-down script offers.
Click to expand...
Yeah that seems to be a whole other hurdle to overcome. Glad to only be using a single VPN. ;)
 
JGrana said:
Yes, there was some debating about restoring the cache. The main problem was determining how old the saved cache was. On a reboot - you know it’s fairly fresh. On the other hand, if you power off the router, reconfigure something, spend a few hours futzing around - on a fresh start - the cache could be quite old.
I wrote a script to timestamp the cache file on evey ubound-control dump-cache (via cron every 10 mins).
On a services-start if the time stamped cache was older than 30 mins, no reload.
I don’t recall now how @Martineau implemented it in unbound-manager. I did this script before it was added.
Click to expand...
His take is in this post. Basically on start-up, it will run from post-mount script. cache is that older than 10 min will not get restored.
www.snbforums.com

Unbound - unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server) - General questions / discussion thread 2

Sorry but I cannot see how to get the Advanced menu. from the Readme on Github
www.snbforums.com www.snbforums.com
 
I think the two lines can be consolidated into a single line:

Code: 
[ "${dev:0:4}" = 'tun1' ] && vpn_id=${dev:4:1} && { [ "$script_type" = 'route-up' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id start & || [ "$script_type" = 'route-pre-down' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id stop &; }

Or a bit more:
Code: 
[ "${dev:0:4}" = 'tun1' ] && vpn_id=${dev:4:1} && { [ "$script_type" = 'route-up' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id start & || /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id stop &; }
 
chongnt said:
I think the two lines can be consolidated into a single line:

Code: 
[ "${dev:0:4}" = 'tun1' ] && vpn_id=${dev:4:1} && { [ "$script_type" = 'route-up' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id start & || [ "$script_type" = 'route-pre-down' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id stop &; }

Or a bit more:
Code: 
[ "${dev:0:4}" = 'tun1' ] && vpn_id=${dev:4:1} && { [ "$script_type" = 'route-up' ] && /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id start & || /jffs/addons/unbound/unbound_DNS_via_OVPN.sh $vpn_id stop &; }
Click to expand...
I appreciate the optimization, but I think I'll leave it as-is to allow people to have more understanding on how it works... ;)
 
Out of curiosity, was there a definitive answer on whether we can use 127.0.0.1 in the WAN DNS settings? That's the only thing still going over the WAN connection. As you can see in the screenshot, I'm using Nord's SmartDNS servers at present.
1687495573534.png
 
iTyPsIDg said:
Out of curiosity, was there a definitive answer on whether we can use 127.0.0.1 in the WAN DNS settings? That's the only thing still going over the WAN connection. As you can see in the screenshot, I'm using Nord's SmartDNS servers at present.View attachment 51246
Click to expand...
I remember some older threads that spoke to this - I'm lazy and going to paraphrase, but I'm pretty sure that was a dangerous thing to do, especially on a reboot, where your router may not be able to get out to the internet to do some core functionality like getting info from time servers and such... which then cascades and borks things up (technical terms) :p

But experiment freely! Let us know what your experience is... we're dying to find out!
 
Viktor Jaep said:
I remember some older threads that spoke to this - I'm lazy and going to paraphrase, but I'm pretty sure that was a dangerous thing to do, especially on a reboot, where your router may not be able to get out to the internet to do some core functionality like getting info from time servers and such... which then cascades and borks things up (technical terms) :p

But experiment freely! Let us know what your experience is... we're dying to find out!
Click to expand...
Haha, not after the issues last year. I don't want to rebuild the router again today.
 
Interesting thread, so is there any performance analysis/report that actually shows any optimization in performance/response to queries with that setup?
 
fearz said:
Interesting thread, so is there any performance analysis/report that actually shows any optimization in performance/response to queries with that setup?
Click to expand...
Yea I think most of the performance and optimization works were done in threads like this one:

www.snbforums.com

Unbound - unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server) - General questions / discussion thread 2

ORIGINAL THREAD: https://www.snbforums.com/threads/unbound_manager-manager-installer-utility-for-unbound-recursive-dns-server.61669 I apologize for being so bold as to create a second "general" thread but it seems perhaps more logical than a million tiny ones...
www.snbforums.com www.snbforums.com
 
Wonder why my results are different from @Viktor Jaep , mine is also standard installation of unbound using root servers only.
1689733743218.png
 
Last edited:
Khadanja said:
Wonder my results are different from @Viktor Jaep , mine is also standard installation of unbound using root servers only.
View attachment 51812
Click to expand...
I get the same results... a few months ago, they would all say "pass"... so I'm not sure what changed on their end... perhaps this is the correct output, now showing that it's only connecting to the valid signatures?

1689768126407.png
 
Last edited:
Viktor Jaep said:
I get the same results... a few months ago, they would all say "connected"... so I'm not sure what changed on their end... perhaps this is the correct output, now showing that it's only connecting to the valid signatures?

View attachment 51816
Click to expand...
That's how I interpreted it, not connected if the signature is not valid(invalid,expired,missing) and showing green which means it correctly identified bad/good items.
 
Khadanja said:
Wonder why my results are different from @Viktor Jaep , mine is also standard installation of unbound using root servers only.
View attachment 51812
Click to expand...
Viktor Jaep said:
I get the same results... a few months ago, they would all say "connected"... so I'm not sure what changed on their end... perhaps this is the correct output, now showing that it's only connecting to the valid signatures?

View attachment 51816
Click to expand...
bluepoint said:
That's how I interpreted it, not connected if the signature is not valid(invalid,expired,missing) and showing green which means it correctly identified bad/good items.
Click to expand...
Gary_Dexter said:
So long as Correct Signature is Connected and the rest are Not Connected then you’re good
Click to expand...
Yea there has been some major fixes lately with pihole, dnsmasq, and adguardhome, regarding how they interpret certain parts of the dnssec data. For a while there were parts being miss read. That is part of the reason the test on this site (and other test sites) would give strange results when meshing unbound, and adguardhome (or pihole) dnssec readings together. This is the updated test that resolved that issue.
 
You must log in or register to reply here.

Similar threads

B
Unbound unbound/WAN settings
2
Replies
31
Views
2K
aru
aru
Viktor Jaep
Solved Latest entware update borked up Unbound
2
Replies
25
Views
1K
elorimer
E
D
Diversion Diversion device exclusion & Unbound
Replies
0
Views
563
Dux
D
J
Unbound Configure unbound with multiple VPNs
Replies
7
Views
729
Viktor Jaep
Viktor Jaep
V
unbound blocking apple private relay.
Replies
1
Views
260
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
U Unbound Help setting up Unbound. Asuswrt-Merlin AddOns 2
B Knot Resolver vs unbound? Asuswrt-Merlin AddOns 1
V unbound blocking apple private relay. Asuswrt-Merlin AddOns 1
B Unbound unbound/WAN settings Asuswrt-Merlin AddOns 31
Viktor Jaep Solved Latest entware update borked up Unbound Asuswrt-Merlin AddOns 25
Q Problems unbound reverse proxy Asuswrt-Merlin AddOns 2
M Unbound Show local names in unbound log requests Asuswrt-Merlin AddOns 5
J Unbound Configure unbound with multiple VPNs Asuswrt-Merlin AddOns 7
I Unbound [SOLVED] Unbound not resolving anything Asuswrt-Merlin AddOns 40
S Unbound Unbound graphical statistics tab doesn't update all groups Asuswrt-Merlin AddOns 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,091 (members: 32, guests: 1,059)
Top