Stubby-Installer-Asuswrt-Merlin

[Marin]

Comparing outputs now.....Would this have something to do with it?

Could this be as result of the Pixelserv CA in the Administration?

I am not sure what it looks like in yours.

 

[skeal]

Comparing outputs now.....Would this have something to do with it?

View attachment 16916

View attachment 16917

Could this be as result of the Pixelserv CA in the Administration?

View attachment 16918

I am not sure what it looks like in yours.

Nope I have the same as you and I just reran the test again and its the same results as I gave you before. It uses 127.0.0.1

 

[skeal]

You need that no-resolve in /tmp/etc/dnsmasq.conf

 

[skeal]

If that works the installer is messed up for the AX88U

 

[Marin]

Well, reinstalled Stubby:

Haveged successfully updated
 Shutting down haveged...              done.
 Starting haveged...              done.
Required dnsmasq parm no-resolv found in /tmp/etc/dnsmasq.conf
Required dnsmasq parm server=127.0.0.1#5453 found in /tmp/etc/dnsmasq.conf
Adding server=0::1#5453 to /jffs/configs/dnsmasq.conf.add
Required dnsmasq parm server=/pool.ntp.org/1.1.1.1 found in /tmp/etc/dnsmasq.conf
Existing stubby.yml found
stubby.yml backed up to stubby.yml.2019-04-06_17-24-47
stubby.yml downloaded successfully
S61stubby downloaded successfully

and I am still getting:

@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server:    192.168.50.1
Address 1: 192.168.50.1 router.asus.com

Name:      github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com

I have this in my /jffs/configs/dnsmasq.conf.add:

no-resolv
server=127.0.0.1#5453

server=/pool.ntp.org/1.1.1.1

proxy-dnssec
server=0::1#5453

This is bizarre....@Adamm and @Xentrk, any thoughts on why this is?

 

[skeal]

I have this in my /jffs/configs/dnsmasq.conf.add:

no-resolv
server=127.0.0.1#5453

server=/pool.ntp.org/1.1.1.1

proxy-dnssec
server=0::1#5453

I have this in the same file.

server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1

 

[Marin]

You need that no-resolve in /tmp/etc/dnsmasq.conf

Do you have it in yours?

 

[skeal]

Do you have it in yours?

Yes I do. The contents of the file above is like that because I use the dnssec settings in he gui. Not proxy-dnssec.

 

[Marin]

I added "no-resolv" there but still I get:

7@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server:    192.168.50.1
Address 1: 192.168.50.1 router.asus.com

Name:      github.com
Address 1: 192.30.253.113 lb-192-30-253-113-iad.github.com
Address 2: 192.30.253.112 lb-192-30-253-112-iad.github.com

I am lost....

 

[Marin]

....maybe getting closer to a factory reset and "from scratch" AMTM install....but I just did that with 384.10. I have unistalled Stubby several times in the last few days and installed it back but not sure why this is.....I am wondering if any Entware updates may be the cause for this.....uhmmm. Although I never use Option 3 from AMTM (always use the ep option from Diversion)....

 

[skeal]

In my /jffs/configs/dnsmasq.conf.add:

server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1

No proxy-dnssec for me.
Nothing else in this file.

In /tmp/etc/dnsmasq.conf I have:

no-resolv

Among a pile of other stuff.

Have you tried a removal of stubby and a reinstall after it reboots you?

 

[skeal]

Copy my stuff and bounce stubby.

 

[Marin]

Yes, I always reboot and allow for the router to stabilize a bit before attempting...

....and have updated the installer as well:

sh /jffs/scripts/install_stubby.sh

but no luck....oh well....I will take a close look at my configuration to see if there is anything there....

I also generated a new server certificate but that did not make any difference...so Pixelserve CA as a potential issue is ruled out

 

[Marin]

Copy my stuff and bounce stubby.

I did...thank you, I appreciate it. But it didn't resolve my solution....

 

[EmeraldDeer]

I did...thank you, I appreciate it. But it didn't resolve my solution....

I think it might be on behalf of folks using router VPN clients, but Stubby-Installer put a line in my /etc/dnsmasq.conf for a servers file which contains 192.168.50.1. Yet my lookup server shows as 127.0.0.1.

# grep server /etc/dnsmasq.conf
servers-file=/tmp/resolv.dnsmasq
server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1

# cat /tmp/resolv.dnsmasq
server=192.168.50.1

# drill github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 32172
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com.  IN      A

;; ANSWER SECTION:
github.com.     22      IN      A       192.30.253.113
github.com.     22      IN      A       192.30.253.112

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 102 msec
;; EDNS: version 0; flags: ; udp: 1452
;; SERVER: 127.0.0.1
;; WHEN: Sat Apr  6 19:20:17 2019
;; MSG SIZE  rcvd: 91

# nslookup github.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com

 

[EmeraldDeer]

This is interesting indeed.....not sure why my IP is being picked instead.

I don't have "no-resolv" in my /tmp/dnsmasq.conf either but again it is not on /jffs/configs/dnsmasq.conf.add as this says:

View attachment 16915

If anything, not having no-resolv might help.

# ls -la /etc/resolv.conf
lrwxrwxrwx    1 HdB34266 root            20 Apr  6 18:45 /etc/resolv.conf -> /rom/etc/resolv.conf

# cat /rom/etc/resolv.conf
nameserver 127.0.0.1

 

[L&LD]

Yes, I always reboot and allow for the router to stabilize a bit before attempting...

....and have updated the installer as well:

sh /jffs/scripts/install_stubby.sh

but no luck....oh well....I will take a close look at my configuration to see if there is anything there....

I also generated a new server certificate but that did not make any difference...so Pixelserve CA as a potential issue is ruled out

Just want to add that on a fresh M&M Config with no features or scripts enabled, this is my output.

ASUSWRT-Merlin RT-AC86U 384.10-2 Wed Apr  3 22:32:15 UTC 2019
admin@RT-AC86U:/tmp/home/root# nslookup github.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com
admin@RT-AC86U:/tmp/home/root#

Marin, I hope this helps in some way.

 

[Marin]

Resetting and reinstalling everything slowly....I will report soon if output changes once Stubby is installed...thanks for the feedback everyone

 

[Marin]

I can confirm on a brand new installation that Stubby includes my router's IP under the Server's name

@RT-AX88U-29F0:/tmp/home/root# drill github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 44462
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com.    IN    A

;; ANSWER SECTION:
github.com.    12    IN    A    192.30.253.113
github.com.    12    IN    A    192.30.253.112

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 140 msec
;; EDNS: version 0; flags: ; udp: 1452
;; SERVER: 192.168.50.1
;; WHEN: Sat Apr  6 21:56:48 2019
;; MSG SIZE  rcvd: 91

@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server:    192.168.50.1
Address 1: 192.168.50.1 router.asus.com

Name:      github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com

My /jffs/configs/dnsmasq.conf.add content:

server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
proxy-dnssec

And there is no "no-resolv" in /tmp/dnsmasq.conf

Has anything changed in this installation recently?

 

[L&LD]

I can confirm on a brand new installation that Stubby includes my router's IP under the Server's name

@RT-AX88U-29F0:/tmp/home/root# drill github.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 44462
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; github.com.    IN    A

;; ANSWER SECTION:
github.com.    12    IN    A    192.30.253.113
github.com.    12    IN    A    192.30.253.112

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 140 msec
;; EDNS: version 0; flags: ; udp: 1452
;; SERVER: 192.168.50.1
;; WHEN: Sat Apr  6 21:56:48 2019
;; MSG SIZE  rcvd: 91

@RT-AX88U-29F0:/tmp/home/root# nslookup github.com
Server:    192.168.50.1
Address 1: 192.168.50.1 router.asus.com

Name:      github.com
Address 1: 192.30.253.112 lb-192-30-253-112-iad.github.com
Address 2: 192.30.253.113 lb-192-30-253-113-iad.github.com

My /jffs/configs/dnsmasq.conf.add content:

server=127.0.0.1#5453
server=0::1#5453
server=/pool.ntp.org/1.1.1.1
proxy-dnssec

And there is no "no-resolv" in /tmp/dnsmasq.conf

Has anything changed in this installation recently?

Was it showing correctly before Stubby was installed? (See my previous post above).

Is your issue just on the RT-AX88U?