diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 30fb419..776351a 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -2025,6 +2025,10 @@ static void check_dns_listeners(time_t now)
 		  daemon->pipe_to_parent = pipefd[1];
 		}
 
+#ifdef HAVE_UBUS
+	      drop_ubus_listeners();
+#endif
+
 	      /* start with no upstream connections. */
 	      for (s = daemon->servers; s; s = s->next)
 		 s->tcpfd = -1; 
diff --git a/src/dnsmasq.h b/src/dnsmasq.h
index e455c3f..c84ba48 100644
--- a/src/dnsmasq.h
+++ b/src/dnsmasq.h
@@ -1673,14 +1673,26 @@ void emit_dbus_signal(int action, struct dhcp_lease *lease, char *hostname);
 
 /* ubus.c */
 #ifdef HAVE_UBUS
+struct blob_attr;
+typedef void (*ubus_dns_notify_cb)(struct blob_attr *msg, void *priv);
+
 char *ubus_init(void);
 void set_ubus_listeners(void);
 void check_ubus_listeners(void);
+void drop_ubus_listeners(void);
+int ubus_dns_notify_has_subscribers(void);
+struct blob_buf *ubus_dns_notify_prepare(void);
+int ubus_dns_notify(const char *type, ubus_dns_notify_cb cb, void *priv);
 void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface);
 #  ifdef HAVE_CONNTRACK
 void ubus_event_bcast_connmark_allowlist_refused(u32 mark, const char *name);
 void ubus_event_bcast_connmark_allowlist_resolved(u32 mark, const char *pattern, const char *ip, u32 ttl);
 #  endif
+#else
+static inline int ubus_dns_notify_has_subscribers(void)
+{
+	return 0;
+}
 #endif
 
 /* ipset.c */
diff --git a/src/forward.c b/src/forward.c
index 32f37e4..3d28963 100644
--- a/src/forward.c
+++ b/src/forward.c
@@ -803,7 +803,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
 	  cache_secure = 0;
 	}
       
-      if (daemon->doctors && do_doctor(header, n, daemon->namebuff))
+      if ((daemon->doctors || ubus_dns_notify_has_subscribers()) && do_doctor(header, n, daemon->namebuff))
 	cache_secure = 0;
       
       /* check_for_bogus_wildcard() does it's own caching, so
diff --git a/src/rfc1035.c b/src/rfc1035.c
index 387d894..7bf7967 100644
--- a/src/rfc1035.c
+++ b/src/rfc1035.c
@@ -13,8 +13,10 @@
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-
 #include "dnsmasq.h"
+#ifdef HAVE_UBUS
+#include <libubox/blobmsg.h>
+#endif
 
 int extract_name(struct dns_header *header, size_t plen, unsigned char **pp, 
 		 char *name, int isExtract, int extrabytes)
@@ -384,10 +386,65 @@ static int private_net6(struct in6_addr *a, int ban_localhost)
     ((u32 *)a)[0] == htonl(0x20010db8); /* RFC 6303 4.6 */
 }
 
+#ifdef HAVE_UBUS
+static void ubus_dns_doctor_cb(struct blob_attr *msg, void *priv)
+{
+	static const struct blobmsg_policy policy = {
+		.name = "address",
+		.type = BLOBMSG_TYPE_STRING,
+	};
+	struct blob_attr *val;
+	char **dest = priv;
+
+	blobmsg_parse(&policy, 1, &val, blobmsg_data(msg), blobmsg_data_len(msg));
+	if (val)
+		*dest = blobmsg_get_string(val);
+}
+
+static int ubus_dns_doctor(const char *name, int ttl, void *p, int af)
+{
+	struct blob_buf *b;
+	char *addr;
+
+	if (!name)
+		return 0;
+
+	b = ubus_dns_notify_prepare();
+	if (!b)
+		return 0;
+
+	blobmsg_add_string(b, "name", name);
+
+	blobmsg_add_u32(b, "ttl", ttl);
+
+	blobmsg_add_string(b, "type", af == AF_INET6 ? "AAAA" : "A");
+
+	addr = blobmsg_alloc_string_buffer(b, "address", INET6_ADDRSTRLEN);
+	if (!addr)
+		return 0;
+
+	inet_ntop(af, p, addr, INET6_ADDRSTRLEN);
+	blobmsg_add_string_buffer(b);
+
+	addr = NULL;
+	ubus_dns_notify("dns_result", ubus_dns_doctor_cb, &addr);
+
+	if (!addr)
+		return 0;
+
+	return inet_pton(af, addr, p) == 1;
+}
+#else
+static int ubus_dns_doctor(const char *name, int ttl, void *p, int af)
+{
+	return 0;
+}
+#endif
+
 int do_doctor(struct dns_header *header, size_t qlen, char *namebuff)
 {
   unsigned char *p;
-  int i, qtype, qclass, rdlen;
+  int i, qtype, qclass, rdlen, ttl;
   int done = 0;
   
   if (!(p = skip_questions(header, qlen)))
@@ -404,7 +461,7 @@ int do_doctor(struct dns_header *header, size_t qlen, char *namebuff)
       
       GETSHORT(qtype, p); 
       GETSHORT(qclass, p);
-      p += 4; /* ttl */
+      GETLONG(ttl, p); /* ttl */
       GETSHORT(rdlen, p);
       
       if (qclass == C_IN && qtype == T_A)
@@ -415,6 +472,9 @@ int do_doctor(struct dns_header *header, size_t qlen, char *namebuff)
 	  if (!CHECK_LEN(header, p, qlen, INADDRSZ))
 	    return done;
 	  
+	  if (ubus_dns_doctor(daemon->namebuff, ttl, p, AF_INET))
+	    header->hb3 &= ~HB3_AA;
+
 	  /* alignment */
 	  memcpy(&addr.addr4, p, INADDRSZ);
 	  
@@ -444,6 +504,14 @@ int do_doctor(struct dns_header *header, size_t qlen, char *namebuff)
 	      break;
 	    }
 	}
+      else if (qclass == C_IN && qtype == T_AAAA)
+        {
+	  if (!CHECK_LEN(header, p, qlen, IN6ADDRSZ))
+	    return 0;
+
+	  if (ubus_dns_doctor(daemon->namebuff, ttl, p, AF_INET6))
+	    header->hb3 &= ~HB3_AA;
+	}
       
       if (!ADD_RDLEN(header, p, qlen, rdlen))
 	 return done; /* bad packet */
diff --git a/src/ubus.c b/src/ubus.c
index a5758e7..f2a75a8 100644
--- a/src/ubus.c
+++ b/src/ubus.c
@@ -72,6 +72,13 @@ static struct ubus_object ubus_object = {
   .subscribe_cb = ubus_subscribe_cb,
 };
 
+static struct ubus_object_type ubus_dns_object_type =
+   { .name = "dnsmasq.dns" };
+
+static struct ubus_object ubus_dns_object = {
+	.type = &ubus_dns_object_type,
+};
+
 static void ubus_subscribe_cb(struct ubus_context *ctx, struct ubus_object *obj)
 {
   (void)ctx;
@@ -105,13 +112,21 @@ static void ubus_disconnect_cb(struct ubus_context *ubus)
 char *ubus_init()
 {
   struct ubus_context *ubus = NULL;
+  char *dns_name;
   int ret = 0;
 
   if (!(ubus = ubus_connect(NULL)))
     return NULL;
   
+  dns_name = whine_malloc(strlen(daemon->ubus_name) + 5);
+  sprintf(dns_name, "%s.dns", daemon->ubus_name);
+
   ubus_object.name = daemon->ubus_name;
+  ubus_dns_object.name = dns_name;
+
   ret = ubus_add_object(ubus, &ubus_object);
+  if (!ret)
+    ret = ubus_add_object(ubus, &ubus_dns_object);
   if (ret)
     {
       ubus_destroy(ubus);
@@ -181,6 +196,17 @@ void check_ubus_listeners()
       } \
   } while (0)
 
+void drop_ubus_listeners()
+{
+  struct ubus_context *ubus = (struct ubus_context *)daemon->ubus;
+
+  if (!ubus)
+    return;
+
+  ubus_free(ubus);
+  daemon->ubus = NULL;
+}
+
 static int ubus_handle_metrics(struct ubus_context *ctx, struct ubus_object *obj,
 			       struct ubus_request_data *req, const char *method,
 			       struct blob_attr *msg)
@@ -328,6 +354,53 @@ fail:
       } \
   } while (0)
 
+int ubus_dns_notify_has_subscribers(void)
+{
+	return (daemon->ubus && ubus_dns_object.has_subscribers);
+}
+
+struct blob_buf *ubus_dns_notify_prepare(void)
+{
+	if (!ubus_dns_notify_has_subscribers())
+		return NULL;
+
+	blob_buf_init(&b, 0);
+	return &b;
+}
+
+struct ubus_dns_notify_req {
+	struct ubus_notify_request req;
+	ubus_dns_notify_cb cb;
+	void *priv;
+};
+
+static void dns_notify_cb(struct ubus_notify_request *req, int type, struct blob_attr *msg)
+{
+	struct ubus_dns_notify_req *dreq = container_of(req, struct ubus_dns_notify_req, req);
+
+	dreq->cb(msg, dreq->priv);
+}
+
+int ubus_dns_notify(const char *type, ubus_dns_notify_cb cb, void *priv)
+{
+	struct ubus_context *ubus = (struct ubus_context *)daemon->ubus;
+	struct ubus_dns_notify_req dreq;
+	int ret;
+
+	if (!ubus || !ubus_dns_object.has_subscribers)
+		return 0;
+
+	ret = ubus_notify_async(ubus, &ubus_dns_object, type, b.head, &dreq.req);
+	if (ret)
+		return ret;
+
+	dreq.req.data_cb = dns_notify_cb;
+	dreq.cb = cb;
+	dreq.priv = priv;
+
+	return ubus_complete_request(ubus, &dreq.req.req, 100);
+}
+
 void ubus_event_bcast(const char *type, const char *mac, const char *ip, const char *name, const char *interface)
 {
   struct ubus_context *ubus = (struct ubus_context *)daemon->ubus;