Closed BloodyIron closed 6 years ago
nexusofdoom
commented
6 years ago on your router or firewall you setup the DNS server to point to your lancache box. it does all the DNS not just the caching DNS. so if your firewall is using googles dns 8.8.8.8 and your lancache box is 192.168.1.2 you will tell your firewall the DNS server is 192.168.1.2.
nexusofdoom
commented
6 years ago if you want to have your firewall only forward domains to your lancache the list of domains are in this file https://github.com/bntjah/lancache/blob/master/unbound/unbound.conf
BloodyIron
commented
6 years ago Ahh thanks!
BloodyIron
commented
6 years ago For the domains listed as "transparent" instead of "redirect", are those domains that are just forwarded to the next nameserver? If so, I think that means that I don't need to redirect from my gateway to the lancache for that specific domain. Am I reading this right?
nexusofdoom
commented
6 years ago you just need to do the redirect domains for your setup.
BloodyIron
commented
6 years ago @nexusofdoom thanks! :DDDDD
BloodyIron
commented
6 years ago Oh, one more question. For my configuration, do I need sniproxy? I suspect I don't since I think the traffic that the lancache would be handling at that point would just be HTTP not HTTPS. Please advise.
nexusofdoom
commented
6 years ago since I use sniproxy I have not tested in the way your are running it. you can try it with out and see.
brgerig
commented
6 years ago I'm guessing you'll still want to use sniproxy, since some of the redirected domains are used for https traffic as well as http. sniproxy makes sure that the SSL traffic still makes it through. (I'm firmly convinced that sniproxy is a large part of why this attempt at caching has been so much more successful that my previous one.)
In particular, I have a lot of requests in my sniproxy logs for various *.update.microsoft.com domains. (I think I saw somewhere else that you were asking about windows updates.)
bntjah
commented
6 years ago Cleaning up issues that are possibly no longer relevant. Closing this...
Hey, any chance we could get the installation instructions updated so we know which FQDNs/DNS Addresses need to be redirected explicitly to the lancache server? From what I'm reading, this setup is intended to operate separately from the gateway on a LAN, but rely on the LAN gateway to direct certain FQDNs/DNS Addresses to the lancache server.
As such, I am not sure which domains and such to override in the gateway D: