Xentrk
Part of the Furniture
I worked on Unbound a little earlier this week. I was able to get unbound running.
My objective is to route DNS thru the VPN tunnels as I do on my pfSense appliance. And have it work in conjunction with dnsmasq as is done in these two blog posts.
http://blog.alanporter.com/2014-03-09/dnsmasq-unbound/
https://blog.josefsson.org/2015/10/26/combining-dnsmasq-and-unbound/
AB-Solution requires dnsmasq and I need the ipset functionality built into dnsmasq for other requirements.
These are the lines in my pfSense Unbound config that I think is responsible for routing the DNS queries thru the VPN tunnel.
But when I do an ipleak.net test, I get the DNS from the WAN page. DNS is handled differently when using Policy Rules on Asuswrt-Merlin which may be a factor preventing it from working.
@kvic appears to have all the bells and whistles working as seen here.
I plan to research the topic more next week.
My objective is to route DNS thru the VPN tunnels as I do on my pfSense appliance. And have it work in conjunction with dnsmasq as is done in these two blog posts.
http://blog.alanporter.com/2014-03-09/dnsmasq-unbound/
https://blog.josefsson.org/2015/10/26/combining-dnsmasq-and-unbound/
AB-Solution requires dnsmasq and I need the ipset functionality built into dnsmasq for other requirements.
These are the lines in my pfSense Unbound config that I think is responsible for routing the DNS queries thru the VPN tunnel.
Code:
# Outgoing interfaces to be used
outgoing-interface: 10.22.0.6
outgoing-interface: 10.9.0.6
outgoing-interface: 10.24.0.6But when I do an ipleak.net test, I get the DNS from the WAN page. DNS is handled differently when using Policy Rules on Asuswrt-Merlin which may be a factor preventing it from working.
@kvic appears to have all the bells and whistles working as seen here.
I plan to research the topic more next week.
People in this thread use Unbound as a forwarder (just like dnsmasq). My Unbound setup is rather simple. I use it as a resolver.
Hence, I won't be able to comment e.g. forwarding over DoT. I don't intend to try either. Perhaps need to wait for @Xentrk sharing his adventure.
As a resolver, Unbound works great for me! I like it very much.
@XIII I compiled 1.7.3 myself.
Hence, I won't be able to comment e.g. forwarding over DoT. I don't intend to try either. Perhaps need to wait for @Xentrk sharing his adventure.
As a resolver, Unbound works great for me! I like it very much.
@XIII I compiled 1.7.3 myself.
underdose
Regular Contributor
People in this thread use Unbound as a forwarder (just like dnsmasq). My Unbound setup is rather simple. I use it as a resolver.
Hence, I won't be able to comment e.g. forwarding over DoT. I don't intend to try either. Perhaps need to wait for @Xentrk sharing his adventure.
As a resolver, Unbound works great for me! I like it very much.
@XIII I compiled 1.7.3 myself.
I've managed to get Unbound up and running as forwarder thanks to you. My problem is, Unbound version on Entware-ng repo is 1.6.7 and has too many critical bugs. Can you compile 1.7.3 for RT-N66U and share the package with me if that's ok for you?
Xentrk
Part of the Furniture
See if this works. See the source site here...
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-7-3
Then, run this command.
Code:
wget https://nlnetlabs.nl/downloads/unbound/unbound-1.7.3.tar.gz
tar -zxvf unbound-1.7.3.tar.gzPerhaps unlacke the tar file to the /opt/use/etc directory?
Get a Raspberry Pi and then use this:
https://pi-hole.net/
Scroll to the bottom of the linked page and read about installing Unbound on the Pi. I've been using this for a while and it works very well.
---------------
RT-AC68U Merlin 384.5 (waiting on 384.7)
https://pi-hole.net/
Scroll to the bottom of the linked page and read about installing Unbound on the Pi. I've been using this for a while and it works very well.
---------------
RT-AC68U Merlin 384.5 (waiting on 384.7)
XIII
Very Senior Member
That’s only the source; no binaries.
johnathonm
Regular Contributor
Guys,
What IDE are you using to build these apps? I want to learn to start compiling apps. Would you be willing to give me a little direction?
There must be a reason for mipsel not in sync with other platforms on the version number. The answer could be pre-requites not fulfilling newer Unbound versions. That indicates beyond 1.6.7 not compilable on mipsel platforms.
The Entware build environment is inherited from OpenWRT. Mostly command lines and script driven work using standard GNU tools such as make/autotools/libtools/etc.
Entware's Github has a concise wiki on building from source. That assumes you have certain prior experience with the above tools. OpenWRT has more details wiki's but certainly not for first timers.
If you want to try, follow Entware's wiki. At least that can get you quickly started and build something. But be warned that without prior experience with the above tools, troubleshooting build errors is going to be very painful and frustrating..
underdose
Regular Contributor
The reason for the lower version number is: Entware-ng repo (for MIPS based routers) is not maintained anymore, the last update of the packages on the repo is dated back to March IIRC. But I'd like to give 1.7.3 a go as you did by compiling yourself and it doesn't matter if it breaks/doesn't work with my router since I can roll back the firmware and start from scratch.
Also, I'm sure I've seen unbound 1.7.3 for mipselsf on their SVN a few weeks back but now can't find it because they've redesigned the website and the SVN, probably removed platform specific packages from SVN too and made a unified one.
I've tried to compile Asuswrt-Merlin and create an Unbound installer for my RT-N66U under Ubuntu 12.04 (VM) with toolchains and dependencies installed but seems like I'm really a noob when it comes to editing/using Makefile for my liking and compiling stuff, so I need someone to compile Unbound 1.7.3 for my router or write a complete step by step, noob-proof walkthrough for me.
Thanks everyone for the replies though.
Xentrk
Part of the Furniture
This is another DNS solution of interest I want to look into some more.
Using DNS-over-TLS with the Quad9 DNS Service
Stubby
Using DNS-over-TLS with the Quad9 DNS Service
Stubby
Last edited:
john9527
Part of the Furniture
johnathonm
Regular Contributor
I will have to check it out now. Thanks for the tip.
XIII
Very Senior Member
This link seems broken...
Grisu
Part of the Furniture
Xentrk
Part of the Furniture
Sorry, I fixed in the OP
Last edited:
johnathonm
Regular Contributor
I believe in you guys... Unbound will bring us into the early 2000's!
Similar threads
Similar threads
Similar threads
-
-
Solved New ISP - WAN Setup - Will not work with custom WAN DNS - dnsmasq.conf
- Started by stilltravelling
- Replies: 1
-
dnsmasq: failed to create listening socket for 192.168.1.1: Address already in use
- Started by bibikalka
- Replies: 7
-
-
-
-
-
Any way to diagnose further these dnsmasq restart events?- Started by saison2023
- Replies: 5
-
In dnsmasq, how do I stop overriding an address if the server goes down?
- Started by PickleTickle
- Replies: 1
-