Wireguard not response dns

Shouldn't the Script to run on first boot (uci-defaults) be added from the beginning of the image build?

Can you provide a link to this script you're using?

https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#replacing_dnsmasq_with_odhcpd_and_unbound
https://openwrt.org/docs/guide-user/advanced/expand_root#instructions

So, to be clear, you're saying that you posted precisely the following into the UCI Defaults section of the Firmware Selector?

opkg update opkg remove dnsmasq odhcpd-ipv6only opkg install odhcpd uci -q delete dhcp.@dnsmasq[0] uci set dhcp.lan.dhcpv4="server" uci set dhcp.odhcpd.maindhcp="1" uci commit dhcp service odhcpd restart

opkg update opkg install unbound-control unbound-daemon uci set unbound.@unbound[0].add_local_fqdn="3" uci set unbound.@unbound[0].add_wan_fqdn="1" uci set unbound.@unbound[0].dhcp_link="odhcpd" uci set unbound.@unbound[0].dhcp4_slaac6="1" uci set unbound.@unbound[0].unbound_control="1" uci commit unbound service unbound restart uci set dhcp.odhcpd.leasefile="/var/lib/odhcpd/dhcp.leases" uci set dhcp.odhcpd.leasetrigger="/usr/lib/unbound/odhcpd.sh" uci commit dhcp service odhcpd restart

# Configure startup scripts cat << "EOF" > /etc/uci-defaults/70-rootpt-resize if [ ! -e /etc/rootpt-resize ] \ && type parted > /dev/null \ && lock -n /var/lock/root-resize then ROOT_BLK="$(readlink -f /sys/dev/block/"$(awk -e \ '$9=="/dev/root"{print $3}' /proc/self/mountinfo)")" ROOT_DISK="/dev/$(basename "${ROOT_BLK%/*}")" ROOT_PART="${ROOT_BLK##*[^0-9]}" parted -f -s "${ROOT_DISK}" \ resizepart "${ROOT_PART}" 100% mount_root done touch /etc/rootpt-resize reboot fi exit 1 EOF cat << "EOF" > /etc/uci-defaults/80-rootfs-resize if [ ! -e /etc/rootfs-resize ] \ && [ -e /etc/rootpt-resize ] \ && type losetup > /dev/null \ && type resize2fs > /dev/null \ && lock -n /var/lock/root-resize then ROOT_BLK="$(readlink -f /sys/dev/block/"$(awk -e \ '$9=="/dev/root"{print $3}' /proc/self/mountinfo)")" ROOT_DEV="/dev/${ROOT_BLK##*/}" LOOP_DEV="$(awk -e '$5=="/overlay"{print $9}' \ /proc/self/mountinfo)" if [ -z "${LOOP_DEV}" ] then LOOP_DEV="$(losetup -f)" losetup "${LOOP_DEV}" "${ROOT_DEV}" fi resize2fs -f "${LOOP_DEV}" mount_root done touch /etc/rootfs-resize reboot fi exit 1 EOF cat << "EOF" >> /etc/sysupgrade.conf /etc/uci-defaults/70-rootpt-resize /etc/uci-defaults/80-rootfs-resize EOF

We need to know in exact detail.

I do the same!

script same as you sent!

Is it because of my script?

  1. I'm unable to reproduce the issue.
  2. See:

They don't match.

Precise details are needed. Otherwise, I can only suggest you be more careful next time.

:warning: BTW, do not use my screenshot as an example - it was merely an attempt to follow your minimal instructions to reproduce a rogue configuration.

I was able to connect wireguard to openwrt!
Before from wireguard could not connect until now got response from RX but don't know why there is no response from dns server?

You are getting a REFUSED response. That was explained above a few times. Please take time to review the previous posts.

  • Feel free to remove the offending rules, and
  • Reconfigure your clients not to direct query 8.8.8.8 and 8.8.4.4

I'm looking at the ISP side because when nslookup still gets a response from 8.8.8.8 but ping doesn't!

Can I use the private custom DNS server with unbound? Should I paste it on wan or lan?

I found the error! Please close the post! :rofl:

So others can benefit, are you willing to tell us?

1 Like

Partly it's the ISP! Partly it's my firewall configuration!

1 Like