Unbound via startup script -local router

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
Docop1
DD-WRT Novice


Joined: 22 Feb 2021
Posts: 23
PostPosted: Sun Apr 04, 2021 0:11    Post subject: Unbound via startup script -local router Reply with quote
Hi
i would like to know/confirm, can we run Dot or Doh in Unbound by itself ? Just enabling it in basic/setup did get the .conf file, but can we load a new one with startup in router alone ?
By creating a <dnscrypt file> and calling it in the: service / Additional Dnsmasq Options , this work perfectly and the old list at /etc/dnscrypt/dnscrypt-resolvers.csv is bypass. Can be nice to know how can we write over with a new one. It's in read-only.

Here code creating a csv...
Code:


cat << "EOF" > "/tmp/root/dnscrypt-resolvers.csv"
"Name","Full name","Descripti ......  EOF

RESOLVER_FILE="/tmp/root/dnscrypt-resolvers.csv"
dnscrypt-proxy -S -m 5 -a 127.0.0.1:30 -R serverXYZ -L /tmp/root/dnscrypt-resolvers.csv -d


So i'm looking to run or do the same but with no usb, no jffs , no Stubby, no Entware. a local script only for unbound.

Thanks in advance
Back to top View user's profile Send private message
Sponsor
itwontbewe
DD-WRT User


Joined: 29 Sep 2020
Posts: 260
Location: United States
PostPosted: Sun Apr 04, 2021 14:21    Post subject: Reply with quote
not sure

maybe try editing the /tmp/unbound.conf file
maybe unbound-control reload afterwards

good luck
Back to top View user's profile Send private message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6440
Location: UK, London, just across the river..
PostPosted: Mon Apr 05, 2021 7:30    Post subject: Reply with quote
Unbound - all you need to know...
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320362

as well..usually when start a thread state your router model and current firmware number...it helps...
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
itwontbewe
DD-WRT User


Joined: 29 Sep 2020
Posts: 260
Location: United States
PostPosted: Sat Mar 04, 2023 14:15    Post subject: Reply with quote
do not tick unbound in the ui

Dnsmasq
Additional Options
Code:
server=127.0.0.1#7053
no-resolv

Startup script
Code:
mkdir -p /tmp/etc
cp -r /etc/unbound /tmp/etc
> /tmp/unbound.conf
cat << EOF > /tmp/unbound.conf
server:
verbosity: 1
interface: 0.0.0.0@7053
outgoing-num-tcp: 10
incoming-num-tcp: 10
msg-buffer-size: 8192
msg-cache-size: 1m
num-queries-per-thread: 30
rrset-cache-size: 2m
infra-cache-numhosts: 200
chroot: ""
username: ""
directory: "/tmp/etc/unbound"
pidfile: "/var/run/unbound.pid"
root-hints: "/tmp/etc/unbound/named.cache"
target-fetch-policy: "2 1 0 0 0 0"
harden-short-bufsize: yes
harden-large-queries: yes
auto-trust-anchor-file: "/tmp/etc/unbound/root.key"
key-cache-size: 100k
neg-cache-size: 10k
num-threads: 2
so-reuseport: no
msg-cache-slabs: 2
rrset-cache-slabs: 2
infra-cache-slabs: 2
key-cache-slabs: 2
outgoing-range: 462
access-control: 127.0.0.0/8 allow
access-control: 192.168.1.1/24 allow
local-data: "localhost A 127.0.0.1"
local-data: "DD-WRT A 192.168.1.1"
tls-cert-bundle: "/etc/ssl/ca-bundle.crt"
python:
remote-control:
control-enable: yes
control-use-cert: no
forward-zone:
name: "."
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-tls-upstream: yes
EOF
unbound -c /tmp/unbound.conf
curl --output /tmp/etc/unbound/named.cache https://www.internic.net/domain/named.cache
unbound-control reload


* made adjustments
April 6 2023
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum