I'm using OpenWRT 22.03 and have setup mwan3 and stubby.
Mainly using mwan3 for failover and link backup.
They work fine but if I disconnect the primary wan and when the backup wan is restored, stubby is unable to resolve.
To test if stubby is the cause, I've also setup unbound. which behaves the same manner. They both work only on the primary WAN connection.
Regular DNS resolution over unencrypted DNS works fine otherwise
As well with the backup and restore of the WANs.
I've setup the proper triggers to include the both the WANs
Yea, I'd already looked into that and my code was as mentioned.
I've read through posts from
I'm still quite new to all this but I've been experimenting with stubby running in on console to monitor this issue. So I know it's nothing to do with the triggers.
When the backup WAN gets active TLS connections from both Stubby and Unbound fail.
I don't quite understand the whole mechanism but if we can find why TLS connections would fail when shifting WAN routes, it would be of great help.
I've been reading through https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/ and trying to figure out if there is something uniquely required for each WAN route on the client side that gets defined initially and not updated when the route changes and causes the TLS connection to fail.
Edit: I've added a trigger to the default wan one with the name of my backup interface lte, in the format below and it works. Failover was seamless also without it though.
I thought I'd just report back on what solved it for me.
I went into the interfaces section and unchecked the use Default Gateway on both my WAN connections and checked them back.
Then changed the Use Gateway metric and reset them back.
Also changed the Use DNS servers advertised by peer and changed it back.
I don't know which one did the trick but just changing them and reverting back made it work now.