Stupid question: what’s the benefit of unbound vs. default dns settings?
Best bet is just google it.
If I tell you what I think someone will just argue with me.
I like using it and when it is properly confg for dd-wrt (when the devs get it right) it will never ever give you any DNS problems.
The r35452 is also running unbound 1.7.0 which is the very latest available.
There is an unbound site https://www.unbound.net
It gets fairly techy for the av Joe iffin you aint familiar with it.
I figure the r7500v2 has it ????
Turn it on , let it run for few days
I've never ever had any problem with local host names....of course any device I might care to contact also holds a static lease.
I haven't used IPs to get to any of my devices in years....local or via ovpn.
devicename.domain just works.
I never understood why you had trouble.
My DNSMasq conf -
unbound conf - it pulls same data and uses it to do local
I've never ever had any problem with local host names....of course any device I might care to contact also holds a static lease.
I haven't used IPs to get to any of my devices in years....local or via ovpn.
devicename.domain just works.
I never understood why you had trouble.
My DNSMasq conf -
unbound conf - it pulls same data and uses it to do local
does the unbound conf say what port its binded to anywhere? _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers
Stupid question: what’s the benefit of unbound vs. default dns settings?
Best bet is just google it.
If I tell you what I think someone will just argue with me.
I like using it and when it is properly confg for dd-wrt (when the devs get it right) it will never ever give you any DNS problems.
The r35452 is also running unbound 1.7.0 which is the very latest available.
There is an unbound site https://www.unbound.net
It gets fairly techy for the av Joe iffin you aint familiar with it.
I figure the r7500v2 has it ????
Turn it on , let it run for few days
Are you using it with Cache DNSSec data and custom cache-size?
Stupid question: what’s the benefit of unbound vs. default dns settings?
Best bet is just google it.
If I tell you what I think someone will just argue with me.
I like using it and when it is properly confg for dd-wrt (when the devs get it right) it will never ever give you any DNS problems.
The r35452 is also running unbound 1.7.0 which is the very latest available.
There is an unbound site https://www.unbound.net
It gets fairly techy for the av Joe iffin you aint familiar with it.
I figure the r7500v2 has it ????
Turn it on , let it run for few days
Are you using it with Cache DNSSec data and custom cache-size?
yeah custom dnsmasq size still there but it ain't nessasary...but ain't hurting anything either. cache DNSSEC in the dnsmasq section isn't needed running unbound but it won't hurt either.
If you want to run unbound just turn it on and leave everything else just like it is.
Only thing that would HAVE to be turned off would be DNSCrypt.
Encrypted DNS with DNSCrypt
DNSCrypt is an arguably more complicated way to encrypt DNS requests. It uses its own custom protocol (based on TLS) that hasn't been standardized with an RFC. It is not directly supported in Unbound, and instead requires a client side application known as dnscrypt-proxy
The server side implementation of dnscrypt is known as dnscrypt-wrapper.
We will talk about this in another post.
Using dnscrypt-proxy
It is available in most package repositories
A list of resolvers is found in /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv. This is where the resolver-name option gets its entries from. Be warned, the file may be out-of-date, get the latest from here
Creating a systemd unit
Create /etc/systemd/system/dnscrypt-proxy.service with the following
[Install]
WantedBy=multi-user.target
Then start it with
sudo systemctl daemon-reload && sudo systemctl start dnscrypt-proxy
Check it works by running
dig @127.53.53.53 example.com +short
Then add the following to /etc/unbound/unbound.conf (replacing any of the earlier forward rules)
forward-zone:
name: "."
forward-addr:127.53.53.53 _________________ ASUS GT-BE98 PRO Main: Fiber 5gbps up/down
ASUS AXE16000: AI Mesh node
2 X ASUS RT-AX89X: AI Mesh nodes
QNAP QSW-1208-8C 12-Port 10GbE Switch
XS712T ProSafe 12-Port 10GbE Switch
3 X R9000 DD-WRT Mesh
No you cannot run dd-wrt dnscrypt-proxy same time as unbound.
Of course unbound can do it all plus much more but that defeats the purpose of why I use it on a router.
If you want DNSCrypt use dd-wrt DNSCryt-proxy plus BS & Kong builds both have added DNSSEC easily added with it.
The openNIC DNS servers I was using all did DNSSEC ... many do these days, it's finally getting popular.
Google DNS servers has used it forever.... but still that aint the point.
I use unbound in dd-wrt cause if where you want to go ain't cached it resovles from 13 root DNS servers which are
always DNSSEC and they just don't ever breakdown ...point blank, that's it, that's all I want, and yea it works great.
Joined: 11 Aug 2017 Posts: 29 Location: edmonton, alberta, canadia!!
Posted: Thu Mar 22, 2018 17:24 Post subject:
Router Model: D-Link DIR-E3
Firmware Version: DD-WRT v3.0-r35452 std 03/20/18
Kernel Version: Linux 3.10.108-dd #51864 Tue Mar 20 05:19:36 CET 2018 mips
Status: Working - as a wired DHCP forwarder to secondary AP off our primary router (as a different SSID solely for 2-5 24/7 video streaming in 1-25Mbps bursts devices)
Reset: YES - but not via the gui AND it didn't work via telnet this time (not that the upgrade gui has worked for me for a number of versions, now). I logged in, erased, rebooted, etc - ended up grabbing a pencil and mashing the reset button to wipe settings.
Errors: None as of yet - and I'm seeing better speedtest.net throughput via wifi on 2.4Ghz than previous builds; going out on a limb and guessing LZO compression has something to do with that? Should probably check the system load and temperature, hmm..
(On this device, at least) - this actually feels like a solid build compared to the past couple, although my system use is extremely low and I have logging turned off. For all I know it's chucking errors left and right, but as it's just a secondary AP for a secondary set of devices I don't pay it much mind; nor can I separate any issues in streaming videos between the android devices and the router (I tend to assume it's android though as the app I'm using is pretty rubbish). _________________ Primary Router for Residential 150Mbps/150Mbps Fiber:
*Asus RT-N66U: running DD-WRT v3.0-r37961 std (12/12/18)*
Adding to my previous report, I confirmed LZO is not working on my 841ND v9 in Telnet, as the wireless status shows "LZO: no" even when it's enabled in the GUI.
