On Thu, 1 Oct 2020 at 15:10, Huge huge@huge.org.uk wrote:
Whilst I see what you're doing, and indeed I do similar things, you're trying to route RFC1918 addresses, so it's not hugely surprising odd things happen.
Fair point! But I would have expected to see those odd things at the time I set things up, not many months or years later; the fact that it was breaking only now and only in one specific place pointed to where the problem was but I didn't have the terminology to find the solution via Google. (For example, it never crossed my mind to refer to the addresses as RFC1918, and I would certainly never have used the word "rebind" - and still don't really understand its usage here even now.)
I especially like that whilst modern DNS tools like dnsmasq have the option to block such usage (with good reason) and probably set a sensible default too (I don't know if the default was openwrt's choice or dnsmasq's here), I don't have to just turn that protection off entirely but can do so per-domain. Useful lessons learned!