Ensure unbound dns gets through



  • My network consists of 3 interfaces: wan, lan and openvpn. How do I prioritize unbound dns traffic so it gets through when internet traffic is choked?



  • First you need to create a firewall rule that selects that particular traffic.

    Then set up a traffic-shaper PRIQ default queue for all your other traffic to be directed into (since it's set as "default", everyone should funnel into that queue without explicitly creating rules, but you may need to go the explicit rule route if things don't default into that queue).

    Then set up a second PRIQ with a higher priority for Unbound DNS and that should be it, more or less.



  • Thank you for your help with setting up a PRIQ queue for dns traffic.

    I ran the wizard for 2 wan and 1 lan and created low and high priority, ack, link and default queue. My firewall rule for port 53 on the lan interface is in the high priority queue. Queuedrop status shows drops in the high priority queue. Nslookup still times out after 2 seconds when the default queue is in full throttle. Any ideas?



  • Have you reset firewall states? A restart is always something to try.



  • I filled in the bandwidth for the wan interface. Not sure if it was that or the reset state but things are working better now. Thanks for your help.

