I fr hate using AI to troubleshoot because I can feel how it makes me lazy, but sometimes using AI is better than banging my head against a wall for 10 hours. And usually i stop once I find a productive line of research or investigation to follow.

For local DNS i run FreeIPA since everything in my network is domain controlled. I’m gonna look into adding filtering through that, but we’ll have to see how it goes.

Theres so much I end up handling manually with my UDM that at this point i might rather just install open source routing software on it atp. I don’t even use the web UI for wireguard because I can’t even specify the allowed IPs for a connection.

I’m not entirely sure how I want to run my ad blocking yet. I left adblocking on for the wifi subnet because I don’t mind it there, and I have ublock origin on my PC. I might use PiHole but my DNS on my network is actually managed by FreeIPA so making sure everything works properly there is paramount. I’m pretty sure I can do that easily but I need to test it to make sure my forward zones work as expected and nothing breaks.

Yeah I found some documentation from Ubiquiti afterwards that said all DNS requests would get proxied, although it didn’t mention it wouldn’t forward dynamic updates.

I did use dig, but I didn’t do a trace which probably would’ve been helpful. I just didnt anticipate that id be getting MITM by my own infra.