bassplayerchris
Occasional Visitor
I have an ASUS with multiple VPN tunnels set up - in each case the VPN tunnel provides the address of a VPN-reachable DNS server at connection time (which is just a DNS server running on the other side of the VPN server), though I had assumed that this would normally be ignored.
The DNS settings in 'LAN/DHCP Settings' on the router have DNS Server 1 pointing at an upstream address (a normal address that doesn't involve going via the VPN tunnels). DNS Server 2 is unset. Parental Controls/DNS Filtering/Global Filter Mode is set to "Router" (setting these so that the clients that are permanently routed via one of the tunnels can then have their own DNS queries re-written via the Custom field to the appropriate VPN-reachable DNS servers).
I turned on query logging on dnsmasq to solve another issue and notice that some queries are being directed to the address in 'DNS Server 1', and some are being directed to both this server and one of the VPN addresses.
Why is this? There's nothing in the config that indicates this behaviour - there's nothing that DNSMASQ is picking up afaict. If I look in nvram I see:
dnsfilter_custom1=10.7.0.1
dnsfilter_custom2=10.8.0.1
dnsfilter_custom3=10.9.0.1
Which is what I'd expect given my settings above (10.9.0.1 is the spurious VPN address being picked up and used by DNSMASQ).
Lastly, a slightly different issue. In addition to making requests to the self-provided ntp server, the ASUS is also making requests to time.nist.gov (round-robining). Looking in the nvram I see:
ntp_server0=0.uk.pool.ntp.org
ntp_server1=time.nist.gov
So I guess that one is hardcoded - as it doesn't appear on the NTP dialogue.
One more note - NTP querying is being done once per hour - virtually on the hour - I suspect best practice would see this varied randomly to avoid spikes in NTP traffic.
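An added example, not part of the original post: one way to tally, from dnsmasq's query log, which names were forwarded to a server other than the expected upstream and which clients asked for them. The log lines are constructed in dnsmasq's log-queries format; 192.0.2.53 is a placeholder for the 'DNS Server 1' address (not given in the post), the 192.168.1.x clients are made up, and 10.9.0.1 is the VPN DNS address from the post.

```python
import re
from collections import defaultdict

# Constructed sample log (not taken from the post).
SAMPLE_LOG = """\
Mar  3 10:00:01 dnsmasq[412]: query[A] example.com from 192.168.1.20
Mar  3 10:00:01 dnsmasq[412]: forwarded example.com to 192.0.2.53
Mar  3 10:00:01 dnsmasq[412]: reply example.com is 93.184.216.34
Mar  3 10:00:05 dnsmasq[412]: query[A] intranet.example.net from 192.168.1.21
Mar  3 10:00:05 dnsmasq[412]: forwarded intranet.example.net to 192.0.2.53
Mar  3 10:00:05 dnsmasq[412]: forwarded intranet.example.net to 10.9.0.1
Mar  3 10:00:09 dnsmasq[412]: query[AAAA] example.org from 192.168.1.20
Mar  3 10:00:09 dnsmasq[412]: cached example.org is NODATA-IPv6
"""

# Matches only the "query[TYPE] name from client" and "forwarded name to server" lines.
LINE = re.compile(r"dnsmasq\[\d+\]: (query\[\w+\]|forwarded) (\S+) (?:from|to) (\S+)")


def forwards_by_name(log_text):
    """Map each name to the upstream servers it was sent to and the clients that asked."""
    upstreams, clients = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # reply/cached/config lines carry no forwarding information
        kind, name, addr = m.groups()
        (upstreams if kind == "forwarded" else clients)[name].add(addr)
    return upstreams, clients


def unexpected_forwards(log_text, expected_upstreams):
    """Return names that were forwarded to any server outside expected_upstreams."""
    upstreams, clients = forwards_by_name(log_text)
    expected = set(expected_upstreams)
    return {
        name: {"upstreams": sorted(servers), "clients": sorted(clients[name])}
        for name, servers in upstreams.items()
        if servers - expected
    }


if __name__ == "__main__":
    for name, info in unexpected_forwards(SAMPLE_LOG, {"192.0.2.53"}).items():
        print(name, "->", ", ".join(info["upstreams"]), "asked by", ", ".join(info["clients"]))
```
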