Nope I have the same as you and I just reran the test again and its the same results as I gave you before. It uses 127.0.0.1Comparing outputs now.....Would this have something to do with it?
View attachment 16916
View attachment 16917
Could this be as result of the Pixelserv CA in the Administration?
View attachment 16918
I am not sure what it looks like in yours.
Haveged successfully updated
Shutting down haveged... done.
Starting haveged... done.
Required dnsmasq parm no-resolv found in /tmp/etc/dnsmasq.conf
Required dnsmasq parm server=127.0.0.1#5453 found in /tmp/etc/dnsmasq.conf
Adding server=0::1#5453 to /jffs/configs/dnsmasq.conf.add
Required dnsmasq parm server=/pool.ntp.org/1.1.1.1 found in /tmp/etc/dnsmasq.conf
Existing stubby.yml found
stubby.yml backed up to stubby.yml.2019-04-06_17-24-47
stubby.yml downloaded successfully
S61stubby downloaded successfully
@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server: 192.168.50.1
Address 1: 192.168.50.1 router.asus.com
Name: github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
no-resolv
server=127.0.0.1#5453
server=/pool.ntp.org/1.1.1.1
proxy-dnssec
server=0::1#5453
I have this in the same file.I have this in my /jffs/configs/dnsmasq.conf.add:
Code:no-resolv server=127.0.0.1#5453 server=/pool.ntp.org/1.1.1.1 proxy-dnssec server=0::1#5453
server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
Do you have it in yours?You need that no-resolve in /tmp/etc/dnsmasq.conf
Yes I do. The contents of the file above is like that because I use the dnssec settings in he gui. Not proxy-dnssec.Do you have it in yours?
7@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server: 192.168.50.1
Address 1: 192.168.50.1 router.asus.com
Name: github.com
Address 1: 192.30.253.113 lb-192-30-253-113-iad.github.com
Address 2: 192.30.253.112 lb-192-30-253-112-iad.github.com
server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
No proxy-dnssec for me.
Nothing else in this file.
no-resolv
Among a pile of other stuff.
sh /jffs/scripts/install_stubby.sh
Copy my stuff and bounce stubby.
I think it might be on behalf of folks using router VPN clients, but Stubby-Installer put a line in my /etc/dnsmasq.conf for a servers file which contains 192.168.50.1. Yet my lookup server shows as 127.0.0.1.I did...thank you, I appreciate it. But it didn't resolve my solution....
# grep server /etc/dnsmasq.conf
servers-file=/tmp/resolv.dnsmasq
server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
# cat /tmp/resolv.dnsmasq
server=192.168.50.1
# drill github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 32172
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com. IN A
;; ANSWER SECTION:
github.com. 22 IN A 192.30.253.113
github.com. 22 IN A 192.30.253.112
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 102 msec
;; EDNS: version 0; flags: ; udp: 1452
;; SERVER: 127.0.0.1
;; WHEN: Sat Apr 6 19:20:17 2019
;; MSG SIZE rcvd: 91
# nslookup github.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
Name: github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
If anything, not having no-resolv might help.This is interesting indeed.....not sure why my IP is being picked instead.
I don't have "no-resolv" in my /tmp/dnsmasq.conf either but again it is not on /jffs/configs/dnsmasq.conf.add as this says:
View attachment 16915
# ls -la /etc/resolv.conf
lrwxrwxrwx 1 HdB34266 root 20 Apr 6 18:45 /etc/resolv.conf -> /rom/etc/resolv.conf
# cat /rom/etc/resolv.conf
nameserver 127.0.0.1
Yes, I always reboot and allow for the router to stabilize a bit before attempting...
....and have updated the installer as well:
Code:sh /jffs/scripts/install_stubby.sh
but no luck....oh well....I will take a close look at my configuration to see if there is anything there....
I also generated a new server certificate but that did not make any difference...so Pixelserve CA as a potential issue is ruled out
ASUSWRT-Merlin RT-AC86U 384.10-2 Wed Apr 3 22:32:15 UTC 2019
admin@RT-AC86U:/tmp/home/root# nslookup github.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
Name: github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
admin@RT-AC86U:/tmp/home/root#
@RT-AX88U-29F0:/tmp/home/root# drill github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 44462
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com. IN A
;; ANSWER SECTION:
github.com. 12 IN A 192.30.253.113
github.com. 12 IN A 192.30.253.112
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 140 msec
;; EDNS: version 0; flags: ; udp: 1452
;; SERVER: 192.168.50.1
;; WHEN: Sat Apr 6 21:56:48 2019
;; MSG SIZE rcvd: 91
@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server: 192.168.50.1
Address 1: 192.168.50.1 router.asus.com
Name: github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
proxy-dnssec
I can confirm on a brand new installation that Stubby includes my router's IP under the Server's name
Code:@RT-AX88U-29F0:/tmp/home/root# drill github.com ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 44462 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; github.com. IN A ;; ANSWER SECTION: github.com. 12 IN A 192.30.253.113 github.com. 12 IN A 192.30.253.112 ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 140 msec ;; EDNS: version 0; flags: ; udp: 1452 ;; SERVER: 192.168.50.1 ;; WHEN: Sat Apr 6 21:56:48 2019 ;; MSG SIZE rcvd: 91
Code:@RT-AX88U-29F0:/tmp/home/root# nslookup github.com Server: 192.168.50.1 Address 1: 192.168.50.1 router.asus.com Name: github.com Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
My /jffs/configs/dnsmasq.conf.add content:
Code:server=127.0.0.1#5453 server=0::1#5453 server=/pool.ntp.org/1.1.1.1 proxy-dnssec
And there is no "no-resolv" in /tmp/dnsmasq.conf
Has anything changed in this installation recently?
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!