What's new

Unbound unbound_manager (Manager/Installer utility for unbound - Recursive DNS Server)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Edit#2: just got the error again
Code:
Apr 26 13:58:42 unbound[3620:0] fatal error: Could not read config file: /unbound.conf. Maybe try unbound -dd, it stays on the commandline to see more errors, or unbound-checkconf
then i run rl and i get these two messages:
Code:
A:Option ==> rl safemoderpz.conf

unbound-checkconf: no errors in /opt/share/unbound/configs/safemoderpz.conf

unbound-checkconf: no errors in /opt/var/lib/unbound/unbound.conf

 Starting unbound...              done.

Checking status, please wait..... unbound OK
If i do just " rs " then i get the error again.
Is '/opt/share/unbound/configs/safemoderpz.conf' a complete unbound configuration file?

I can only speculate that there is something strange in 'safemoderpz.conf'
 
Is '/opt/share/unbound/configs/safemoderpz.conf' a complete unbound configuration file?

I can only speculate that there is something strange in 'safemoderpz.conf'
Yes. That's my modded config file. No problems before whether i restart unbound or reload, only after enabling firewall.
 
@Martineau
If you use Selective Routing, then if you use these rules
e.g. assuming your LAN subnet is the default
Code:
LAN 192.168.1.0/24 0.0.0.0 vpn
Router 192.168.1.1 0.0.0.0 wan
then any application running on the router e.g. unbound/Transmission/Aria2 etc. will bypass the VPN,

However, if this is not appropriate, you need to explicitly configure the Application to send its traffic via the VPN.

Thank you - that is exactly my current configuration. Now unbound is configured as follows:
Code:
[✔] unbound Logging
        [✔] Ad and Tracker Blocking (No. of Adblock domains=54842,Blocked Hosts=0,Whitelist=19)
        [✔] unbound CPU/Memory Performance tweaks
        [✔] Router Graphical GUI statistics TAB installed
        [✔] unbound-control FAST response ENABLED
        [✔] unbound requests via VPN Client 1 (10.29.10.6) tunnel ENABLED
        [✔] DNS Firewall ENABLED
 
...sorry for the intermission - happy finger syndrome...

Then 'Accept DNS Configuration' is disabled so I expect dnsleaktest.com to show my provider's IP ...and it does.

Edit - and by the way, all works very well - thank you all for that!
 
Hello, good, how the replies logging is activated.
Use the 'Advanced' menu command
Code:
e  = Exit Script [?]

A:Option ==> lo
 
Yes. That's my modded config file. No problems before whether i restart unbound or reload, only after enabling firewall.
Just a quick observation here, to use dns firewall do we need to have control-use-cert: yes or no?
Reason i ask is because if i put it to yes everything works fine and i get no errors:
Code:
[1587929667] unbound-control[22417:0] error: connect: Connection refused for 127.0.0.1 port 953
        'key-cache-size:'        (N/A)
[1587929667] unbound-control[22423:0] error: connect: Connection refused for 127.0.0.1 port 953
[1587929667] unbound-control[22425:0] error: connect: Connection refused for 127.0.0.1 port 953
        'msg-cache-size:'        (N/A)  0% used         (N/A)
[1587929667] unbound-control[22439:0] error: connect: Connection refused for 127.0.0.1 port 953
[1587929667] unbound-control[22441:0] error: connect: Connection refused for 127.0.0.1 port 953
        'rrset-cache-size:'      (N/A)  0% used         (N/A)
The above is with no, when i use yes i get no errors at all.
 
Just a quick observation here, to use dns firewall do we need to have control-use-cert: yes or no?
Reason i ask is because if i put it to yes everything works fine and i get no errors:
Code:
[1587929667] unbound-control[22417:0] error: connect: Connection refused for 127.0.0.1 port 953
        'key-cache-size:'        (N/A)
[1587929667] unbound-control[22423:0] error: connect: Connection refused for 127.0.0.1 port 953
[1587929667] unbound-control[22425:0] error: connect: Connection refused for 127.0.0.1 port 953
        'msg-cache-size:'        (N/A)  0% used         (N/A)
[1587929667] unbound-control[22439:0] error: connect: Connection refused for 127.0.0.1 port 953
[1587929667] unbound-control[22441:0] error: connect: Connection refused for 127.0.0.1 port 953
        'rrset-cache-size:'      (N/A)  0% used         (N/A)
The above is with no, when i use yes i get no errors at all.
Nevermind even with yes unbound stops responding and gives a warning and errors. I disabled/uninstalled for now until i find some patience.
 
Try
Code:
unbound_manager    recovery
then you should be able to start the menu and use '1/i pdate unbound files and configuration' and start unbound.

When I do that, I get this error
Code:
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound_manager recovery

Recovery: Reloading 'unbound.conf' <<== /opt/share/unbound/configs/reset.conf status= ***ERROR unbound NOT 
running! - option unavailable
Segmentation fault
***ERROR unbound NOT running! - option unavailable
and when I try to install through the menu I still get the same
Code:
fatal error: control-key-file: "(null)" does not exist
error I did before.
 
I have a question about saving the Unbound DNS cache. I did an upgrade from 384.16 to 384.17 beta1. The DNS cache was empty afterwards (see picture).
Before I do an update again I would like to know if there is a way I can backup and restore the cache?
Thanks!
e41cde30781f3f3821906b1234ecc007.jpg


ONEPLUS 5T with Tapatalk
 
When I do that, I get this error
Code:
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound_manager recovery

Recovery: Reloading 'unbound.conf' <<== /opt/share/unbound/configs/reset.conf status= ***ERROR unbound NOT
running! - option unavailable
Segmentation fault
***ERROR unbound NOT running! - option unavailable
and when I try to install through the menu I still get the same
Code:
fatal error: control-key-file: "(null)" does not exist
error I did before.
Which Router model/firmware release?

Perhaps you can provide the output from these commands
Code:
unbound -V

unbound -dv
then I suggest you manually wipe 'unbound_manager'
Code:
rm /opt/etc/init.d/S61unbound

rm -r /opt/var/lib/unbound

rm -r /jffs/addons/unbound
and attempt an unbound_manager/unbound reinstall either from amtm or copy'n'paste the manual install command

I have not experienced the segmentation fault so I suggest you ensure the Entware packages are up to date and pre-empt the unbound specific Entware repository issue described here

If the reinstall still fails then I suggest you report your issue on the vendor's official Unbound-users -- Unbound users discussion list
 
Last edited:
I have a question about saving the Unbound DNS cache. I did an upgrade from 384.16 to 384.17 beta1. The DNS cache was empty afterwards (see picture).
Before I do an update again I would like to know if there is a way I can backup and restore the cache?
Thanks!
e41cde30781f3f3821906b1234ecc007.jpg

Before performing a firmware upgrade, you should always perform the following mandatory manual tasks
  1. Backup /jffs/
  2. Backup NVRAM variables

  3. Cleanly unmount the USB attached disk(s)
If you're concerned about preserving your unbound cache then you will need to add an extra manual task (step 3) to save it. (I doubt the firmware update process honours/executes the 'services-stop' script)

i.e. in 'Advanced' mode see the option under the '3 Advanced Tools' menu
Code:
dumpcache = [bootrest] (or Manually use restorecache after REBOOT)

e  = Exit Script [?]

[Enter] Leave Advanced Tools Menu

e  = Exit Script [?]

A:Option ==> dumpcache
If you use the 'bootrest' option, the cache restore command will be permanently added to 'post-mount' and will write a message in Syslog during the boot sequence if it finds a cache file to auto-restore:
Code:
RT-AC68U post-mount[2303]:     unbound cache RESTORED from '/opt/share/unbound/configs/cache.txt'

NOTE: As stated many times, whilst preserving the unbound DNS cache seems to be in fashion (no one ever worried/expressed concern about losing/restoring dnsmasq's DNS cache :rolleyes:) there are dangers e.g. malacious cache poisoning, or unintended propogation of stale cache entries.

So if for example you have used 'dumpcache' to backup unbound's cache, suppose you have issues with the firmware upgrade that takes say an hour to resolve.

Do you really want to restore a cache that basically is well past its sell-by-date?o_O
 
Last edited:
EDIT: I've been typing this live while troubleshooting so that I'd still have a record of everything that I tried along with the output. Before pressing "Post Reply" I decided to go through and try everything one more time and this time, oddly enough, it worked! I'm still going to post this just in case someone else needs the information though.

Which Router model/firmware release?

Perhaps you can provide the output from these commands
Code:
unbound -V

unbound -dv
then I suggest you manually wipe 'unbound_manager'
Code:
rm /opt/etc/init.d/S61unbound

rm -r /opt/var/lib/unbound

rm -r /jffs/addons/unbound
and attempt an unbound_manager/unbound reinstall either from amtm or copy'n'paste the manual install command

I have not experienced the segmentation fault so I suggest you ensure the Entware packages are up to date and pre-empt the unbound specific Entware repository issue described here

If the reinstall still fails then I suggest you report your issue on the vendor's official Unbound-users -- Unbound users discussion list

I was running an AC68U with 384.15 but, I've updated to 384.17 and I still get the same error.
Code:
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound -v
unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound -dv
unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default

I then made sure that all of Unbound was removed using the commands you listed and ran the "opkg remove --force-depends libunbound" command from your linked post. After which I tried installing Unbound Manager again using the manual link from Github. The following is my output.

Code:
+======================================================================+
| Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
| |
| Version 3.07 by Martineau |
| |
| Requirements: USB drive with Entware installed |
| |
| 1 = Install unbound DNS Server |

+======================================================================+
| Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
| |
| Version 3.07 by Martineau |
| |
| Requirements: USB drive with Entware installed |
| |
| 1 = Install unbound DNS Server |
| o1. Enable unbound Logging |
| o2. Integrate with Stubby (Advanced Users) |
| o3. Install Ad and Tracker Blocking |
| o4. Customise CPU/Memory usage |
| o5. Disable Firefox DNS-over-HTTPS (DoH) (USA users) |
| o6. Install Graphical Statistics GUI (Add-ons) TAB |
| o7. Integrate with DoT (Advanced Users) |
| o8. Enable DNS Firewall |
| |
| |
| See SNBForums thread https://tinyurl.com/s89z3mm for helpful |
| user tips on unbound usage/configuration. |
+======================================================================+
1 = Begin unbound Installation Process
2 = Remove unbound/unbound_manager
3 = n/a Start unbound
4 = n/a Show unbound statistics
5 = n/a Install Ad and Tracker blocker (Ad Block)
6 = n/a Install Graphical Statistics GUI Add-on TAB
7 = n/a Enable DNS Firewall

? = About Configuration


e = Exit Script [?]

E:Option ==> 1

Router Configuration recommended pre-reqs status:

[✔] Swapfile=2097148 kB
[✔] DNS Filter=ON
[✔] DNS Filter=ROUTER
[✔] WAN: Use local caching DNS server as system resolver=NO
[✔] Entware NTP server is running
[✔] Enable DNS Rebind protection=NO
[✔] Enable DNSSEC support=NO

Options:


UPDATEing unbound
Entware package list successfully updated
Package unbound-checkconf (1.10.0-2) installed in root is up to date.
Installing unbound-control-setup (1.10.0-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-control-setup_1.10.0-2_armv7-2.6.ipk
Installing openssl-util (1.1.1d-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/openssl-util_1.1.1d-2_armv7-2.6.ipk
Package unbound-control (1.10.0-2) installed in root is up to date.
Package unbound-anchor (1.10.0-2) installed in root is up to date.
Package unbound-daemon (1.10.0-2) installed in root is up to date.
Configuring openssl-util.
Configuring unbound-control-setup.
unbound Entware packages 'unbound-checkconf unbound-control-setup unbound-control unbound-anchor unbound-daemon' success
fully installed
Created project directory /opt/var/lib/unbound
Created project directory /opt/var/lib/unbound/adblock
Initialising 'unbound-control-setup' to generate SSL Keys
setup in directory /opt/var/lib/unbound
generating unbound_server.key
Generating RSA private key, 3072 bit long modulus
..................................................++++
..........................++++
e is 65537 (0x10001)
generating unbound_control.key
Generating RSA private key, 3072 bit long modulus
.............................................................................++++
........................................................................................++++
e is 65537 (0x10001)
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
subject=/CN=unbound-control
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use
Removing package unbound-control-setup from root...
Removing package openssl-util from root...
Package column (2.35.1-1) installed in root is up to date.
Entware package 'column' successfully installed
Package diffutils (3.7-2) installed in root is up to date.
Entware package 'diffutils' successfully installed
Package bind-dig (9.14.8-1) installed in root is up to date.
Entware package 'bind-dig' successfully installed
Package haveged (1.9.8-2) installed in root is up to date.
Entware package 'haveged' successfully installed
Updating S02haveged
S02haveged downloaded successfully
Shutting down haveged... done.
Starting haveged... done.
Customising 'dnsmasq.postconf' (aka '/jffs/addons/unbound/unbound.postconf')
Updating S61unbound
S61unbound downloaded successfully
Generating unbound-anchor 'root.key'.....
Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'.....
################################################################################################################# 100.0%
Retrieving Custom unbound configuration
unbound.conf downloaded successfully
doc/example.conf.in downloaded successfully
Checking IPv6.....
Customising unbound IPv6 configuration.....
Customising unbound configuration Options:

Do you want to ENABLE unbound logging? (NO recommended)

Reply 'y' or press ENTER to skip

Bad address
[1588023014] unbound-checkconf[21793:0] fatal error: control-key-file: "(null)" does not exist
Restarting dnsmasq.....
Done.

***ERROR FATAL...ABORTing!
 
EDIT: I've been typing this live while troubleshooting so that I'd still have a record of everything that I tried along with the output. Before pressing "Post Reply" I decided to go through and try everything one more time and this time, oddly enough, it worked! I'm still going to post this just in case someone else needs the information though.



I was running an AC68U with 384.15 but, I've updated to 384.17 and I still get the same error.
Code:
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound -v
unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default
admin@RT-AC68U-03B0-Yggdrasil:/tmp/home/root# unbound -dv
unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default

I then made sure that all of Unbound was removed using the commands you listed and ran the "opkg remove --force-depends libunbound" command from your linked post. After which I tried installing Unbound Manager again using the manual link from Github. The following is my output.

Code:
+======================================================================+
| Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
| |
| Version 3.07 by Martineau |
| |
| Requirements: USB drive with Entware installed |
| |
| 1 = Install unbound DNS Server |

+======================================================================+
| Welcome to the unbound Manager/Installation script (Asuswrt-Merlin) |
| |
| Version 3.07 by Martineau |
| |
| Requirements: USB drive with Entware installed |
| |
| 1 = Install unbound DNS Server |
| o1. Enable unbound Logging |
| o2. Integrate with Stubby (Advanced Users) |
| o3. Install Ad and Tracker Blocking |
| o4. Customise CPU/Memory usage |
| o5. Disable Firefox DNS-over-HTTPS (DoH) (USA users) |
| o6. Install Graphical Statistics GUI (Add-ons) TAB |
| o7. Integrate with DoT (Advanced Users) |
| o8. Enable DNS Firewall |
| |
| |
| See SNBForums thread https://tinyurl.com/s89z3mm for helpful |
| user tips on unbound usage/configuration. |
+======================================================================+
1 = Begin unbound Installation Process
2 = Remove unbound/unbound_manager
3 = n/a Start unbound
4 = n/a Show unbound statistics
5 = n/a Install Ad and Tracker blocker (Ad Block)
6 = n/a Install Graphical Statistics GUI Add-on TAB
7 = n/a Enable DNS Firewall

? = About Configuration


e = Exit Script [?]

E:Option ==> 1

Router Configuration recommended pre-reqs status:

[✔] Swapfile=2097148 kB
[✔] DNS Filter=ON
[✔] DNS Filter=ROUTER
[✔] WAN: Use local caching DNS server as system resolver=NO
[✔] Entware NTP server is running
[✔] Enable DNS Rebind protection=NO
[✔] Enable DNSSEC support=NO

Options:


UPDATEing unbound
Entware package list successfully updated
Package unbound-checkconf (1.10.0-2) installed in root is up to date.
Installing unbound-control-setup (1.10.0-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/unbound-control-setup_1.10.0-2_armv7-2.6.ipk
Installing openssl-util (1.1.1d-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/openssl-util_1.1.1d-2_armv7-2.6.ipk
Package unbound-control (1.10.0-2) installed in root is up to date.
Package unbound-anchor (1.10.0-2) installed in root is up to date.
Package unbound-daemon (1.10.0-2) installed in root is up to date.
Configuring openssl-util.
Configuring unbound-control-setup.
unbound Entware packages 'unbound-checkconf unbound-control-setup unbound-control unbound-anchor unbound-daemon' success
fully installed
Created project directory /opt/var/lib/unbound
Created project directory /opt/var/lib/unbound/adblock
Initialising 'unbound-control-setup' to generate SSL Keys
setup in directory /opt/var/lib/unbound
generating unbound_server.key
Generating RSA private key, 3072 bit long modulus
..................................................++++
..........................++++
e is 65537 (0x10001)
generating unbound_control.key
Generating RSA private key, 3072 bit long modulus
.............................................................................++++
........................................................................................++++
e is 65537 (0x10001)
create unbound_server.pem (self signed certificate)
create unbound_control.pem (signed client certificate)
Signature ok
subject=/CN=unbound-control
Getting CA Private Key
Setup success. Certificates created. Enable in unbound.conf file to use
Removing package unbound-control-setup from root...
Removing package openssl-util from root...
Package column (2.35.1-1) installed in root is up to date.
Entware package 'column' successfully installed
Package diffutils (3.7-2) installed in root is up to date.
Entware package 'diffutils' successfully installed
Package bind-dig (9.14.8-1) installed in root is up to date.
Entware package 'bind-dig' successfully installed
Package haveged (1.9.8-2) installed in root is up to date.
Entware package 'haveged' successfully installed
Updating S02haveged
S02haveged downloaded successfully
Shutting down haveged... done.
Starting haveged... done.
Customising 'dnsmasq.postconf' (aka '/jffs/addons/unbound/unbound.postconf')
Updating S61unbound
S61unbound downloaded successfully
Generating unbound-anchor 'root.key'.....
Retrieving the 13 InterNIC Root DNS Servers from 'https://www.internic.net/domain/named.cache'.....
################################################################################################################# 100.0%
Retrieving Custom unbound configuration
unbound.conf downloaded successfully
doc/example.conf.in downloaded successfully
Checking IPv6.....
Customising unbound IPv6 configuration.....
Customising unbound configuration Options:

Do you want to ENABLE unbound logging? (NO recommended)

Reply 'y' or press ENTER to skip

Bad address
[1588023014] unbound-checkconf[21793:0] fatal error: control-key-file: "(null)" does not exist
Restarting dnsmasq.....
Done.

***ERROR FATAL...ABORTing!
Do you still get the same errors from the two commands?
Code:
unbound -v

unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default

unbound -dv

unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default
Can you post the '/opt/var/lib/unbound/unbound.config'
 
Do you still get the same errors from the two commands?
Code:
unbound -v

unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default

unbound -dv

unbound: symbol lookup error: unbound: undefined symbol: log_ident_set_default
Can you post the '/opt/var/lib/unbound/unbound.config'

I had a USB key go read only. Restored to a new drive and was getting a segmentation fault. Ended up removing all of entware and reinstalled. Seg fault gone.

Likely not the same issue. But it could be a bad binary.
 
Hello all....I have a bit of a VPN tunnel quirk that I can't explain....probably an obvious issue but....

Nevertheless, I modify the .conf file via 'vx' and add the outgoing server IP. Save (Ctrl-X and save buffer yes)...no issue. Issue VPN 1 command and all starts without issue.

However, if I disable the vpn tunnel (vpn disable), modify the .conf file with an alternative IP address, save and exit (and reconfirm the .conf file mod took via the 'v' command)....if I try and start the tunnel again via 'vpn 1'....it reverts the outgoing IP address to the original I had initially defined and actually overwrites the .conf file to the initial attempt version (which is confirmed via the 'v' command and viewing the IP address).

Any thoughts on what I may be doing incorrectly?
 
Last edited:
However, if I disable the vpn tunnel (vpn disable), modify the .conf file with an alternative IP address, save and exit (and reconfirm the .conf file mod took via the 'v' command)....if I try and start the tunnel again via 'vpn 1'...

the command "vpn 1" will update the conf file with whatever is the current IP for vpnclient1
"vpn 2" for client 2 IP, etc
the "1" means vpn client 1; it is not "1" as in "enable". it's the client #id
 
the command "vpn 1" will update the conf file with whatever is the current IP for vpnclient1
"vpn 2" for client 2 IP, etc
the "1" means vpn client 1; it is not "1" as in "enable". it's the client #id
Thank you.....but does this imply then that the modification to the .conf file is not required?

If I understand you correctly, if I enable the tunnel via vpn 1, does it 'auto' associate with the IP setting from VPN Client 1 as defined in the GUI? Again, if that's the case, why is the modification to the conf file required?

(And I then presume that whatever the Client setup in the GUI is for Client 1/2/3 will always overwrite the conf file addition, as that is what is happening to me). thanks again
 
Thank you.....but does this imply then that the modification to the .conf file is not required?

If I understand you correctly, if I enable the tunnel via vpn 1, does it 'auto' associate with the IP setting from VPN Client 1 as defined in the GUI? Again, if that's the case, why is the modification to the conf file required?

(And I then presume that whatever the Client setup in the GUI is for Client 1/2/3 will always overwrite the conf file addition, as that is what is happening to me). thanks again

Do you understand the concept of a '.conf' file ?

Do you understand when the contents of 'unbound.conf' file is actually used/applied ?

unbound is passive and does not react to changes in external parameters such as when the VPN Client gateway IP changes.

If you choose to BIND unbound to a specific VPN Client, then if the VPN Client gateway IP changes or is physically removed, then it is up to you to ensure that the information is passed to unbound (via 'unbound.conf').

This can be automated by using the appropriate openvpn-event trigger script, or you can wait until DNS suddenly stops working, then panic and manually update the appropriate 'unbound.conf' directive.

Either way, changes need to be made to the 'unbound.conf' file to maintain the integrity of unbound.

If you have a requirement to BIND to a different interface other than the two currently available i.e. WAN or VPN, then simply update the Gateway manually and refrain from using the 'vpn' and 'bind' commands or create a pull request on GitHub to expand the current feature.
 
Last edited:
Do you understand the concept of a '.conf' file ?

Do understand when the contents of 'unbound.conf' file is actually used/applied ?

unbound is passive and does not react to changes in external parameters such as when the VPN Client gateway IP changes.

If you choose to BIND unbound to a specific VPN Client, then if the VPN Client gateway IP changes or is physically removed, then it is up to you to ensure that the information is passed to unbound (via 'unbound.conf').

This can be automated by using the appropriate openvpn-event trigger script, or you can wait until DNS suddenly stops working, then panic and manually update the appropriate 'unbound.conf' directive.

Either way, changes need to be made to the 'unbound.conf' file to maintain the integrity of unbound.

If you have a requirement to BIND to a different interface other than the two currently available i.e. WAN or VPN, then simply update the Gateway manually and refrain from using the 'vpn' and 'bind' commands or create a pull request on GitHub to expand the current feature.

There are many things I do not understand....but nothing in the sermon you just provided answered my question(s) nor explains why the .conf file behaviour is behaving as it is (at least not in a way that I understand clearly).

Naturally I would have expected and still do expect that unbound is passive and it only acts on inputs it is provided...it is not AI.....but then how is it explained on then why when starting the tunnel via the vpn 1 call would the .conf file duly edited (by me) be overwritten with whatever VPN IP address is set in the GUI? That is really the question I have...thank you.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top