DNSmasq and OpenVPN DNS
AB-Solution is the ad blocking solution for Asus routers using Asuswrt-Merin firmware. AB-Solution requires DNSmasq to work properly. With Asuswrt-Merlin firmware, OpenVPN clients use the VPN tunnel’s DNS. As a result, AB-Solution will not work for LAN clients connected to the VPN tunnel when using
Policy Rules since DNSmasq is by-passed. AB-Solution will still work for devices connected to the WAN though.
John9547 LTS fork has implemented DNS differently than Asuswrt-Merlin. The DNS rules are reversed. With
Accept DNS Configuration set to
Exclusive, the VPN clients will use DNSmasq and AB-Solution will work. There is also a
check box on how you want to handle the WAN clients. If you leave it unchecked, the WAN clients will also use the VPN DNS servers (but not the tunnel) and they can use AB-Solution. If you
check the box, the WAN client requests are sent directly to the WAN DNS servers and AB-Solution will not be available.
To resolve the DNS and routing issues when using Policy Rules with Asuswrt-Merlin, set
Accept DNS Configuration to
“Strict” Disabled and specify the DNS server for the VPN tunnel to use by adding the dhcp-option DNS command in the Custom Configuration section. Without the dhcp-option command,
AB-Solution updates will fail, the AB-Solution email function will no longer work and the wget command will not able to resolve the domain name.