ray308
September 27, 2022, 12:16pm
1
My router is running on:
Raspberry Pi 4 Model B Rev 1.2
OpenWrt 21.02.3 r16554-1d4dea6d4f / LuCI openwrt-21.02 branch git-22.245.77575-63bfee6
When I use FQDNs on my LAN, it shows the correct website or service.
When I enable https-dns-proxy, I can only access them by their IP address in the LAN, and resolving (do you call it that?) is not working. Any idea why, or how to correct this when using https-dns-proxy?
trendy
September 27, 2022, 12:23pm
2
For a start it is needed to post uci export dhcp
ray308
September 27, 2022, 12:26pm
3
Hi Trendy, didn't know what was needed
root@Router:/# uci export dhcp
package dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'
	option confdir '/tmp/dnsmasq.d'
	list server '/use-application-dns.net/'
	list server '127.0.0.1#5053'
	option noresolv '1'
	option doh_backup_noresolv '-1'
	list doh_backup_server '/use-application-dns.net/'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'
	option dns_service '0'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'
	option start '100'
	option limit '150'
	option leasetime '12h'
	list ra_flags 'none'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config host
	option name 'raspberrypi'
	option ip '192.168.1.172'
	option mac 'B8:27:EB:F6:F4:DC'

config host
	option name 'HarmonyHub'
	option ip '192.168.1.236'
	option mac '00:04:20:F6:00:68'

config host
	option name 'Kodi-Pi4'
	option ip '192.168.1.108'
	option mac 'DC:A6:32:FC:A7:53'

config dhcp 'ziggo_lan'
	option interface 'ziggo_lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option ra 'server'
	option dhcpv6 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'
	option force '1'
	list dns '2001:b88:1202::10'
	list dns '2001:b88:1002::10'
	list dns '2001:730:3e42:1000::53'
	list dhcp_option '6,84.116.46.23,84.116.46.22'
	list dhcp_option '6,84.116.46.20,84.116.46.21'

config host
	option name 'VMB4000'
	option mac '9C:3D:CF:49:F1:8B'
	option ip '192.168.1.20'

config domain
	option ip '192.168.1.30'
	option name 'nas.lan'

config domain
	option ip '192.168.1.1'
	option name 'router.lan'

root@Router:/#
I just noticed this issue because my calendar didn't sync on the LAN but did when I was out at the office today.
ray308
September 27, 2022, 2:51pm
4
If I do an nslookup on a site that is running on Docker on my NAS (with reverse proxy):
raymond@MBP-van-Raymond ~ % nslookup flame.fakedomain.synology.me
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: flame.fakedomain.synology.me
Address: xx.xx.xx.66. (my external ip from my isp)
When I do this with the NAS website:
raymond@MBP-van-Raymond ~ % nslookup nas.fakeddomain.synology.me
Server: 192.168.1.1
Address: 192.168.1.1#53
** server can't find nas.fakeddomain.synology.me: NXDOMAIN
raymond@MBP-van-Raymond ~ %
trendy
September 27, 2022, 3:31pm
5
synology.me is not excluded from being sent to the https-dns-proxy, so it will be answered from upstream resolver.
However, in one case you are resolving flame.fakedomain and in the other nas.fakedomain.
ray308
September 27, 2022, 4:45pm
6
Yes, they all run on the same server, but 'flame' is on Docker on my NAS and 'nas' is just the NAS's own address. Funny thing is, it all worked fine (always did), but not with https-dns-proxy. So I'm wondering why this is the case.
ray308
September 27, 2022, 5:23pm
7
When I disable/stop https-dns-proxy:
raymond@MBP-van-Raymond ~ % nslookup nas.fakdomain.synology.me
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: nas.fakedomain.synology.me
Address: xx.xx.xx.66
raymond@MBP-van-Raymond ~ %
trendy
September 27, 2022, 7:01pm
8
Does it help if you use the list server '/synology.me/192.168.1.1' to force it?
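The forwarding decision discussed in posts 5 and 8, as an added example (not code from the thread, OpenWrt or dnsmasq): a simplified Python model of how dnsmasq matches a query name against the `server` and `local` values in the posted config. The function names are hypothetical, and it models only domain matching, not caching, `config domain` records or rebind protection.

```python
# Added example: which resolver dnsmasq selects for a name, given the
# "list server" / "option local" values from the config posted in this thread.

DNSMASQ_SERVERS = [               # "list server" values from the posted config
    "/use-application-dns.net/",  # empty target: never forwarded upstream
    "127.0.0.1#5053",             # default forwarder: local https-dns-proxy
]
DNSMASQ_LOCAL = "/lan/"           # "option local" value from the posted config


def parse_entry(entry):
    """Split a server value into (domains, target).

    '/a/b/1.2.3.4' -> (['a', 'b'], '1.2.3.4'); '/a/' -> (['a'], '');
    '1.2.3.4#53' -> ([], '1.2.3.4#53'). An empty target means local-only.
    """
    if not entry.startswith("/"):
        return [], entry
    parts = entry.split("/")
    return [d.lower() for d in parts[1:-1] if d], parts[-1]


def route(name, servers=DNSMASQ_SERVERS, local=DNSMASQ_LOCAL):
    """Return 'local-only' or the forwarder address chosen for a query name."""
    name = name.lower().rstrip(".")
    best_len, best_target, default = -1, None, None
    for entry in list(servers) + [local]:
        domains, target = parse_entry(entry)
        if not domains:
            # Simplification: keep only the first unqualified upstream server.
            default = default or target
            continue
        for d in domains:
            # Match on label boundaries; the longest matching domain wins.
            if (name == d or name.endswith("." + d)) and len(d) > best_len:
                best_len, best_target = len(d), target
    if best_len >= 0:
        return best_target or "local-only"
    return default or "no-upstream"


if __name__ == "__main__":
    for q in ("nas.lan", "use-application-dns.net", "flame.fakedomain.synology.me"):
        print(q, "->", route(q))
```

With the posted config, every name outside `lan` and `use-application-dns.net` goes to the https-dns-proxy listener on 127.0.0.1#5053; passing an extra domain-specific `server` value to `route()` shows how such an entry overrides that default.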
ray308
September 28, 2022, 8:31am
9
I’m going to give that a try, later today.
Something I noticed: when I do not use the provider I normally use, but for example Cloudflare, it seems to work, so maybe it’s my DNS provider’s settings?
I’ll let you know how it goes.