R7000 I am using. ***** is the vpn setup using their online guide.
Basic setup I have set 8.8.8.8 as DNS 1 and 8.8.4.4 as DNS 2.
May 31 16:49:52 daemon.info dnsmasq[971]: using nameserver 10.200.0.1#53
May 31 16:49:52 daemon.info dnsmasq[971]: using nameserver 8.8.8.8#53
May 31 16:49:52 daemon.info dnsmasq[971]: using nameserver 8.8.4.4#53
May 31 16:49:52 daemon.info dnsmasq[971]: using nameserver 192.168.1.254#53
Last edited by burgess85 on Sun May 31, 2020 17:18; edited 1 time in total
Joined: 18 Mar 2014 Posts: 12839 Location: Netherlands
Posted: Sun May 31, 2020 16:42 Post subject:
Please resize your picture to not more than 760 pixels (it really is in the forum guide lines, together with a lot of other useful information).
I can tell you why you do not have this in 40599, because that build was not using DNS server pushed by your VPN provider (10.200.0.1)
I am not the local DNS expert so I could be wrong about this:
Recursive DNS is a safety concern so if you have a DNS server which is not doing that it is actually a good thing, but the DNS server should have all DNS addresses in its cache otherwise it returns not found, you will then be using the next DNS servers from your list so it should be no problem
Please resize your picture to not more than 760 pixels (it really is in the forum guide lines, together with a lot of other useful information).
I can tell you why you do not have this in 40599, because that build was not using DNS server pushed by your VPN provider (10.200.0.1)
I am not the local DNS expert so I could be wrong about this:
Recursive DNS is a safety concern so if you have a DNS server which is not doing that it is actually a good thing, but the DNS server should have all DNS addresses in its cache otherwise it returns not found, you will then be using the next DNS servers from your list so it should be no problem
Just a small remark off topic, this seems your secondary downstream router and if you have not done so, just give it a static WAN or better a static lease from your primary router (of course outside the DHCP scope if your primary router is a DDWRT router)
I have this ddwrt plugged into my ISP router and only use it for VPN. Is there any other way I should he doing it? On the logs I have noticed my ISP router 192.168.1.254 is being used as a DNS server. Guessing this shouldn't be there?
You should also look into how to configure unbound, if that is what you are also using with dnsmasq.
Thank you for your help. I have Query DNS in Strict order enabled anyway so guessing that should be ok as long as the first two DNS servers cloudflare and Google DNS don't go down?