Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server) - General questions / discussion thread 2

[fearz]

From my experience, Unbound + diversion doesn't work well, whether i disable unbound adblocker or not...finally both dont function...
if anyone has any solution let me know.

 

[L&LD]

From my experience on many RMerlin supported Asus routers, and in various networks and environments, Unbound + Diversion work beautifully together.

 

[fearz]

From my experience on many RMerlin supported Asus routers, and in various networks and environments, Unbound + Diversion work beautifully together.

do you enable to disable unbound adblocker? or leave it off and enble diversion? do you use skynethw with them ? ow if i want to whitelist a domain on unbound?

 

[L&LD]

Look in my signature below for the scripts I use.

I let Skynet do it’s thing, Diversion what it’s meant to do, and Unbound to speed everything up.

I find using the scripts as close to their defaults as you can is the best for performance, stability and reliability of the router and network.

Just because an option is available, doesn’t mean you need to use it.

Whitelist anything in Diversion? Nothing is that important on the web to me.

 

[fearz]

Look in my signature below for the scripts I use.

I let Skynet do it’s thing, Diversion what it’s meant to do, and Unbound to speed everything up.

I find using the scripts as close to their defaults as you can is the best for performance, stability and reliability of the router and network.

Just because an option is available, doesn’t mean you need to use it.

Whitelist anything in Diversion? Nothing is that important on the web to me.

Yes but when i install 3...adblocker stops whether diversion or unbound, how do you congiure that?

 

[SomeWhereOverTheRainBow]

Yes but when i install 3...adblocker stops whether diversion or unbound, how do you congiure that?

Unbound+diversion+skynet with unbound adblocker not used.

 

[fearz]

Unbound+diversion+skynet with unbound adblocker not used.

I'll try tht again and feedback...

Do you have any solution whther using lets encrypt or pixelserver, (i would reallt want both to work (192.168.2.1 <- to be HTTPS) and also my nane.asuscomm.com to be HTTPS...

also router.asus.com should be HTTPS...

Can you help

 

[SomeWhereOverTheRainBow]

I'll try tht again and feedback...

Do you have any solution whther using lets encrypt or pixelserver, (i would reallt want both to work (192.168.2.1 <- to be HTTPS) and also my nane.asuscomm.com to be HTTPS...

also router.asus.com should be HTTPS...

Can you help

use letsencrypt + no pixelserv otherwise you need to understand how to configure pixelserv to use a different address for https than 443. Diversion is not configured for this. or lets-encrypt +pixelserv, with your AiCloud set to a different port such a 9443 instead of 443 --> your nane.asuscomm.com is still https just not https on a standard https port.

 

[fearz]

use letsencrypt + no pixelserv otherwise you need to understand how to configure pixelserv to use a different address for https than 443. Diversion is not configured for this. or lets-encrypt +pixelserv, with your AiCloud set to a different port such a 9443 instead of 443 --> your nane.asuscomm.com is still https just not https on a standard https port.

Ok, ill change the Aidisk port to 9494

Ill change the WebGUI to 443

i'll use Lets Encrypt...

now what will that accomplish?

and what if i want to secure router.asus.com or 192.168.2.1
?

 

[SomeWhereOverTheRainBow]

Ok, ill change the Aidisk port to 9494

Ill change the WebGUI to 443

i'll use Lets Encrypt...

now what will that accomplish?

and what if i want to secure router.asus.com or 192.168.2.1
?

The point is you need port 443 to be free for pixelserv. use 8443 for webgui and some non standard port for aicloud. technically you can use self signed certificate and it be just as secure as lets encrypt, but you would have to distribute it to your devices.

 

[fearz]

The point is you need port 443 to be free for pixelserv. use 8443 for webgui and some non standard port for aicloud. technically you can use self signed certificate and it be just as secure as lets encrypt, but you would have to distribute it to your devices.

i alreayd set aicloud to port 9898 so and i set HTTPS LAN ort to 8888 , so now 443 is free...now what?

 

[SomeWhereOverTheRainBow]

i alreayd set aicloud to port 9898 so and i set HTTPS LAN ort to 8888 , so now 443 is free...now what?

you should be good to use diversion. Lets encrypt should just work.

 

[fearz]

you should be good to use diversion. Lets encrypt should just work.

I freed 443 for pixelserv, and still neither 192.168.2.1 or routerasus.com uses HTTPS...

 

[SomeWhereOverTheRainBow]

I freed 443 for pixelserv, and still neither 192.168.2.1 or routerasus.com uses HTTPS...

you need to type in the address https://192.168.2.1:9898 or https://192.168.2.1:8888
the equivalent would be https://name.asuscomm.com:9898 and https://name.asuscomm.com:8888

or https://router.asus.com:9898 or https://router.asus.com:8888

Note if you are still updating your letsencrypt, you may need to reboot the router for the new cert to stick.

 

[fearz]

See, when i install unbound + diersion + skynet...after while adblock stops...
i tried installing/uninstlling unbound adblocker...and restarted diversion..it just wont work

 

[fearz]

Maybe unbound doesnt use pixelserv or local router I thats why its not blocking??

any ideas?

 

[SomeWhereOverTheRainBow]

Maybe unbound doesnt use pixelserv or local router I thats why its not blocking??

any ideas?

maybe you are using unbound improperly for the combination meaning dnsmasq must remain the active DNS and unbound should reside on a separate port. it is important to see screenshots of how you install unbound and what the inside of your unbound.conf looks like.

 

[fearz]

maybe you are using unbound improperly for the combination meaning dnsmasq must remain the active DNS and unbound should reside on a separate port. it is important to see screenshots of how you install unbound and what the inside of your unbound.conf looks like.

Can you please give me an example of the conf or the screenshots?

 

[fearz]

I'd really like to use unbound + diversion, but when i setup both, Adblocker stops working...
there must be some setting / configuration to have both work,,,,

any help would be much appreciated.

 

[JaimeZX]

What order did you install them? I do (1) Skynet, (2) Diversion, (3) Unbound.

Diversion gets the Medium list, with Pixelserv on 192.168.x.3.

Unbound has default .conf, except I boosted the cache time to 24 hours from default.