PI hole + unbound + domain vpn routing

OBENZ

Regular Contributor
Hello community, today I'm encountering an issue that I can't root out. My setup is as follows: 86U with Asus Merlin and 4 NordVPN clients running. Pi-hole with unbound.
The way I have it set up is as follows:
WAN DNS is using Cloudflare
LAN DNS is using the Pi-hole IP
DNS DIRECTOR is ON with global redirection set to no redirection and RPI where the pihole is running is set to no redirection

I'm using the domain VPN routing script to create a tunnel for specific domains, mainly NETFLIX, DISNEY, AMAZON, MAX. Each VPN client configuration has a country region and each has its DNS set to Exclusive.

When I do a simple test of going to DNSLEAK or IPLEAK I end up with my ISP IP and DNS even though I have added all their domains to the VPN routing script. I'm at a loss to be honest; any help would be appreciated.
 
External DNS checkers are not reliable. What matters is what's actually happening within the router itself.

To that end, what does the merlin DNS monitor say are the DNS servers in use?

 
DNS DIRECTOR is ON with global redirection set to no redirection and RPI where the pihole is running is set to no redirection
Out of curiosity, why do you have Global Redirection set to No Redirection rather than set to Router? What is that setting accomplishing for your use case?
 
Out of curiosity, why do you have Global Redirection set to No Redirection rather than set to Router? What is that setting accomplishing for your use case?
I don't like when the router's name keeps popping up on my Pi-hole client list as the number one and it masks which client is making the queries, if that makes sense.
 
External DNS checkers are not reliable. What matters is what's actually happening within the router itself.

To that end, what does the merlin DNS monitor say are the DNS servers in use?

It might be true, but all the websites are not usable as they detect I'm in my country where those services don't work/are not available. I'll check your link though, thank you.
 
I don't like when the router's name keeps popping up on my Pi-hole client list as the number one and it masks which client is making the queries, if that makes sense.
You can possibly solve that by using Conditional forwarding on the Pi-Hole (Settings > DNS section) if you aren't doing so already. This assumes the router and not the Pi-Hole is doing the DHCP server. And this assumes the LAN clients are using the Pi-Hole for their DNS (via the Router GUI LAN > DHCP Server > DNS Server 1 & 2 values (and one has Advertise router's IP in addition to user-specified DNS disabled)).
 
I don't like when the router's name keeps popping up on my Pi-hole client list as the number one

Your Pi-hole is not configured properly. You don't have to filter router's internal requests, just clients'. Router's DNS in WAN to whatever you like, clients' DNS in LAN to Pi-hole + don't advertise routers IP + Conditional Forwarding as explained above in Pi-hole. You won't see your router ever, clients only.

DNS DIRECTOR is ON with global redirection set to no redirection and RPI where the pihole is running is set to no redirection

Your setting effectively disables DNS Director. Global Redirection to Router, RPi with Pi-hole to No Redirection.
 
OK, all taken into consideration and applied the changes; it still doesn't change anything regarding my situation :(

It may help if you post your VPN client configuration and domain VPN routing script, redacting sensitive info, for others to review.

The suggestions to fix DNS Director (Global Redirection to Router) may not affect your VPN settings. But at least you likely now have DNS Director working properly for main LAN non-VPN clients.
 
Yeah sure, here's the client VPN config and my domain list for DISNEY

Code:
www.apps.disneyplus.com
cdn.cookielaw.org
img.hotstar.com
disney.com
bamgrid.com
www.disneyplus.com
media.dssott.com
disney-plus.net
appconfigs.disney-plus.net
disney.api.edge.bamgrid.com
disney.content.edge.bamgrid.com
disney.connections.edge.bamgrid.com
cws.convava.com
disney-portal.my.onetrust.com
disneyplus.bn5x.net
js-agent.newrelic.com
adobedtm.com
braze.com
disney.demdex.net
starrot.com
cdn.registerdisney.go.com
disney.api.edge.bamgrid.com
disney.connections.edge.bamgrid.com
disney.content.edge.bamgrid.com
disney.images.edge.bamgrid.com
disney.playback.edge.bamgrid.com
pcs.bamgrid.com
playback-certs.bamgrid.com
prod-ripcut-delivery.disney-plus.net
prod-static.disney-plus.net
static-assets.bamgrid.com
vod-akc-na-central-1.media.dssott.com
vod-akc-na-east-2.media.dssott.com
vod-bgc-na-east-1.media.dssott.com
vod-ftc-na-east-2.media.dssott.com
vpe-static.bamgrid.com
vod-akc-na-west-2.media.dssott.com
vod-ftc-eu-south-1.media.dssott.com
vod-bgc-eu-west-1.media.dssott.com
vod-ftc-eu-south-1.media.dssott.com


For some reason, Disney directs me to apps.disneyplus.com even if I try to visit disney.com, as that's where our regional Disney is hosted. Yet when I run NordVPN through their app and visit Disney it doesn't redirect.
 

Attachments

  • VPN.jpg
