Messages

I have GEO IP blocking enabled. Could this be the culprit? I've disabled it just now to see what happens.

I am not running IPS. For DNS servers, I had these configurations. Unbound on 10.10.60.1:53 without adguard, and with adguard I had it pointing to the same IP.

Block was the wrong word. It was a DNS failure saying it can't find the website. My browser does not have any special configuration. I'm hosting my own instance of 4get for search.

I'm still getting the errors with adguard and upstream DNS servers (mullvad and quad9) just less of it. To clarify, the issue is present with adguard as the DNS, with adguard pointing to opnsense as the DNS, and without adguard and opnsense being the main DNS.

How can I troubleshoot this?

There is definitely an issue with Unbound. I'm getting the block again for sites I can access on my carrier network. This is with Unbound getting requrest directly and Adguard out of the picture.

Now I will enable Adguard and use upstream DNS servers.

For now, I'm testing without Adguard to see if there are issues. If none, I'll point to upstream DNS in Adguard. I like having unbound be a DNS resolver.

I'm having issues with unbound resolving DNS. It happens with popular destinations such as github.com and reddit.com. I used to run pfsense before moving to opnsense with the same setup and never experience this issue. I've had this issue using Dnsmasq and recently with Kea.

My setup is as follows. My LAN uses Adgurad home, which is on a Raspberry Pi. Now using Kea, the LAN DNS is set to Adguard. Adguard's DNS is set to Unbound. The LAN points to 10.10.60.190 and the Adguard points to 10.10.60.1:53. It's fairly straightforward.

Unbound is setup on port 53. DNSSEC and Flush DNS Cache during reload are enabled.

Could this be an issue with unbound receiving requests from Adguard?

Hi All, I'm having issues with DNS resolution as well. I have opnsense pointing to my raspberry pi adguard instance for my LAN, Dnsmasq-DHCP Options-dns-server (6). My adguard points back to opnsense unbound dns, 10.10.60.1:53. Right now github.com is failing. I'm not sure what is going on. I've never had dns resolution issues with PFsense.

I have DNSSEC support enabled and flush DNS cash enabled in unbound. And I just checked gihub.com, and it's working again.

Is this a bug?

I wanted to check something. On my iPad, I did the same thing. It is serving the correct DNS now. I'll figure out what is the issue with the Mac or just reboot it. Thanks again.

I'm on a Mac, and I renewed the DHCP lease. It doesn't show my adguard DNS. Thanks for helping to this point.

This is what I have setup. It's not working. Looking at adguard, there are no blocked queries for websites I know get blocked ads.

dnsmasq has the option to point to a DNS server, you can find it in DHCP Options.

Thank you for the response. There are 2 options, options and boot. Which do I choose and what settings?

Hi All,

I'm planning to move off of pfsense to opnsense. With pfsense, I was using kea DHCP, which allowed me to put the DNS server, adguard on a raspberry pi, in the DHCP server settings. Adguard would then point back to Unbound on pfsense for recursive DNS. This was only for my LAN. My VLANs use Unbound directly, and I want to keep it this way.

Kea DHCP seems to be a real PITA to setup on opnsense. So I'm using dnsmasq for DHCP. It doesn't have the option to point to a DNS server like kea.

How would I get this same setup running under dnsmasq DHCP?