Plex.direct - Unbound DNS - 21.7.1

Started by bunchofreeds, August 12, 2021, 03:15:12 AM

Hi,

What's the best way to configure a Private Domain 'plex.direct' within Unbound in 21.7.1?

It used to be done using custom options.

I've found Services>Unbound DNS>Blocklist>Private Domains but need help as this does not work on its own it seems.

Do I need to 'enable the use of DNS Blocklists' and also choose a DNSBL?
If so, which one??

Thanks for any help with this.

August 12, 2021, 03:24:30 AM #1 Last Edit: August 12, 2021, 05:46:42 AM by bunchofreeds
Or do I need to create a .conf file?

https://docs.opnsense.org/manual/unbound.html

I tried this by creating a plex.conf and placing it in the correct folder.
Restarted Unbound
No success

I'm confused...

Can anyone please help with more info about this?

https://forum.opnsense.org/index.php?topic=23929.msg116361#msg116361

@Franco?

How to configure the 'Blocklists' page for my purposes would be really appreciated.

I just need to add a single Private Domain for plex.direct

The goal here is to exclude individual domains from DNS rebinding protection.
This was achieved using the Custom Options on the Unbound general settings.

Like this

server:
    private-domain: "plex.direct"

If this can now be completed using a configuration within Unbound DNS Blocklist this would be great!

But I can't seem to get it working.
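
An added illustration, not part of any post in this thread: a simplified Python model of the rebinding filter that the private-domain option exempts names from, showing that the exemption covers the whole subtree under plex.direct and nothing outside it. The RFC 1918 ranges, the home.example entry and the sample hostnames are assumptions constructed for the example; this is not Unbound's or OPNsense's own code.

```python
import ipaddress

# Assumed private-address ranges (RFC 1918) for this example.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed config text using the quoted and unquoted spellings from the thread.
SAMPLE_CONF = '''
server:
    private-domain: "plex.direct"
    private-domain: home.example   # constructed second entry
'''

def parse_private_domains(conf_text):
    """Collect private-domain values; quotes around the name are optional."""
    domains = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("private-domain:"):
            value = line.split(":", 1)[1].strip().strip('"')
            domains.append(value.rstrip(".").lower())
    return domains

def is_exempt(qname, domains):
    """A name is exempt if it equals a private domain or is a subdomain of one."""
    labels = qname.rstrip(".").lower().split(".")
    return any(labels[-len(d.split(".")):] == d.split(".") for d in domains)

def filter_answer(qname, addresses, domains):
    """Return the addresses that survive rebinding protection for qname."""
    if is_exempt(qname, domains):
        return list(addresses)
    return [a for a in addresses
            if not any(ipaddress.ip_address(a) in net for net in PRIVATE_NETS)]

if __name__ == "__main__":
    doms = parse_private_domains(SAMPLE_CONF)
    # Constructed name with a LAN address encoded in the first label.
    name = "192-168-1-50.0123456789abcdef.plex.direct"
    print(filter_answer(name, ["192.168.1.50"], []))    # no exemption: []
    print(filter_answer(name, ["192.168.1.50"], doms))  # exempt: address kept
    # A lookalike name outside the subtree is still filtered: []
    print(filter_answer("plex.direct.example.net", ["192.168.1.50"], doms))
```

The empty result in the first call corresponds to a lookup that returns nameservers but no address, and the last call shows that only names ending in the exempted domain are let through.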

I have been working on trying to get this done myself.  Plex remote access will not work unless I can figure out how to do this.

This is breaking secure plex connections on the local network for me.
I can run with insecure but this requires reconfiguring each client.

Would prefer secure obviously

Quote from: bunchofreeds on August 12, 2021, 03:24:30 AM
Or do I need to create a .conf file?

https://docs.opnsense.org/manual/unbound.html

I tried this by creating a plex.conf and placing it in the correct folder.
Restarted Unbound
No success

I'm confused...

Same...
as per: https://docs.opnsense.org/manual/unbound.html#advanced-configurations

I've done the same for both plex.direct and a personal domain hosted on external nameservers that resolve to internal IPs. I can confirm my custom.conf file placed in /usr/local/etc/unbound.opnsense.d/ appears to be ignored: restart unbound, custom.conf file is copied over to /var/unbound/etc/ but does not do anything.
nslookup returns the authoritative nameservers, but no IP. :/

I just added plex.direct (no quotes) to Services>Unbound DNS>Blocklist>Private Domains

No need to add
server:
    private-domain: "plex.direct"

It seems to be working for me

Thanks andrema2,

I had tried setting plex.direct (without quotes) in the private domain section of blocklists and I believe others here have too, without success.

To help us - Can you confirm plex clients can NOT connect to the plex server if you remove this setting. Then CAN connect if you set it again.

Also, just to make sure we are doing things the same as you, can you tell us more about how you have set this up within Blocklists.

Specifically what other options you set within Blocklists.
Did you 'enable' blocklists
Did you choose a DNSBL
Did you restart the Unbound DNS Service

Also did you change anything on the plex client or server side

Thanks for any further help

I have mine working after doing the following

Added a host override to Unbound DNS for plex.mylocaldomain.com and specified its internal IP address.
This address is in DHCPv4 leases already however...

Now my internal secure connections seem to be working again.
I do not have any configuration in blocklists or a .conf file

I also rebooted the plex server which is on a windows server host OS.
I updated windows server and plex server.
I made sure the windows server local network was classed as 'private'

Hopefully this helps others.

Quote from: bunchofreeds on August 12, 2021, 10:20:57 PM
Thanks andrema2,

I had tried setting plex.direct (without quotes) in the private domain section of blocklists and I believe others here have too, without success.

To help us - Can you confirm plex clients can NOT connect to the plex server if you remove this setting. Then CAN connect if you set it again.

Also, just to make sure we are doing things the same as you, can you tell us more about how you have set this up within Blocklists.

Specifically what other options you set within Blocklists.
Did you 'enable' blocklists
Did you choose a DNSBL
Did you restart the Unbound DNS Service

Also did you change anything on the plex client or server side
Thanks for any further help

Yes, I did enable blocklists, but I didn't choose any DNSBL. I did restart Unbound. I do have my server in the domain override since I use an alias. Maybe this is why it is working.

I can tell that in the location where unbound loads any additional conf files, there is a miscellaneous.conf with the Plex.direct statement in it.

my .conf file is working after leaving it alone overnight.... strange

I wish it would be up to the administrator to enable/disable custom options in the GUI. Since it's not the case I need to ask what's the final solution? Putting a .conf

server:
    private-domain: plex.direct

file in aforementioned directory doesn't work...

OPNsense on:
Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (4 cores)
8 GB RAM
50 GB HDD
and plenty of vlans ;-)

There is a plug-in available, which will return the custom options field within Unbound settings

- To install the plugin, SSH into firewall and run:
   - # fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf
- Then go to the GUI and install the plugin below from System : Firmware : Plugins
   - os-unboundcustom-maxit-1.0
- Reboot the router, and there will be a new Custom Options menu under Services: Unbound DNS, where you can add the original private-domain: plex.direct command.

Quote from: rohanking on August 13, 2021, 09:44:35 AM
my .conf file is working after leaving it alone overnight.... strange
It seems like it's my case too.
Is it related to some cron activity? Reloading, restarting unbound right after saving conf file didn't affect anything.