The script is causing the restart of my VPN Client to take time to restart !

[computersteve]

So i'm noticing something with this script. I'm wondering if this might help... I am noticing that when my vpn disconnects and then reconnects with this script enabled sometimes it takes about a minute for it to reestablish the connection. If I uninstall the script, I don't see that happening.. I am wondering... if setting the priority to "realtime" will make the vpn connection re-establish quicker. My vpn provider forces a reconnect every 24 hours (They say for security). I spoke to them, and they say I shouldn't notice it but with this script when the reconnect happens I notice a lot of activity in the log such as domain_vpn_routing querying policy, etc. It sometimes takes like a minute to re-establish the connection. When I uninstall the script it connects quickly.

[Ranger802004]

I'm not sure what's causing the delay, the query policy commands are just verifying the interface is available and then performing the variable DNS look up functions to add IP addresses to the policy files. That should not be effecting the actual interface from going up or down. Can you ping the VPN interface gateway while you are waiting on Domain VPN Routing to finish querying?

[computersteve]

What does realtime priority do ? Verses the other priorities. See I have Hulu being bypassed and I notice the script try’s to do that and there’s a delay with that.

[Ranger802004]

It changes the process priority on the system for Domain VPN Routing. I don't typically recommend setting to real time unless there is absolute need for that.

[computersteve]

So what about high instead of realtime ?

[Ranger802004]

High would be fine, I have used high in my home network when using Merlin as well as my Merlin Lab.

[computersteve]

I am wondering though does that make the script work quicker. I am noticing specifically with Hulu that it takes a bit for the script to query the domains even when I manually run it.

[Ranger802004]

v3.0.0-beta1 has been released, you can read about it here: https://www.snbforums.com/threads/domain-vpn-routing-v3-0-0-beta1-release.92029/

• In your particular case using dig instead of nslookup may have some performance improvements.

[computersteve]

I can use this with AdGuard home ?? If so how do I enable logging for DNSMasq ? Or do I not need DNSMasq since I’m using AdGuard home ? Or do I run both ?

[Ranger802004]

You can use AdGuardHome with the script but the DNSMasq logging function will not work because AdGuardHome takes over the queries from DNSMasq. Unfortunately the AdGuardHome logs do not bind domains to the queried IP addresses and only the clients requesting the domain so I am not able to create an integration to grab the data from AdGuardHome. To enable DNS logging you would create the file /jffs/configs/dnsmasq.conf.add (If it does not exist already) and then add the following lines to the file.

log-queries log-facility=/var/log/dnsmasq.log

Restart DNSMasq

service restart_dnsmasq

[computersteve]

Three more questions- Is it ok to enable this logging thing with AdGuard home. Meaning it shouldn’t cause an issue !

second - should I enable CNAMES that new feature and what is the benefit or disadvantage of that ? Meaning I see I have to edit my existing policies.

Also if I put Hulu.com does that wildcard feature now mean it will also get the ips of all the wildcard domains such as play.Hulu.com or do I still need to add those domains ?

[Ranger802004]

Three more questions- Is it ok to enable this logging thing with AdGuard home. Meaning it shouldn’t cause an issue !

second - should I enable CNAMES that new feature and what is the benefit or disadvantage of that ? Meaning I see I have to edit my existing policies.

Also if I put Hulu.com does that wildcard feature now mean it will also get the ips of all the wildcard domains such as play.Hulu.com or do I still need to add those domains ?

AdGuardHome will kill wildcard support all together, it won't hurt to add the configuration but it won't matter because no logging will come to DNSMasq. If you know of subdomains I would add them manually since the wildcard matching will rely on passive query data from DNS Logging if it isn't disabled by AdGuardHome being installed.

[computersteve]

So then do I need to enable DNSMasq logging as instructed above !

[Ranger802004]

So then do I need to enable DNSMasq logging as instructed above !

You can enable it to get the functionality if you remove AdGuardHome other than that it won't have an effect.

[computersteve]

Ok so if I don’t want to remove AdGuard home then I don’t need to enable logging correct ?

[Ranger802004]

Correct