DD-WRT serving additional DNS servers instead of just the router’s IP


Solution 1

It's good that you're using DNSMasq.

You can configure what you want in the Services (> Services) tab, in the DNSMasq > Additional DNSMasq Options box, but first, you'll want to clear those Static DNS fields.

Static DNS fields in "Setup > Basic Setup"

Add the following to the DNSMasq options box:

dhcp-option=option:dns-server,192.168.10.10 # DHCP option 006

server=8.8.8.8 # DNSMasq will use these servers for forwarding the DNS requests that it can't serve
server=8.8.4.4
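
An added example (not part of the answer above, and not DD-WRT or dnsmasq code): a Python check that parses the DNS server list (DHCP option 6) out of a raw DHCP reply, to confirm that clients are offered only the router. The packets are constructed samples; `build_ack` and `leaked_resolvers` are hypothetical helper names, and the input is assumed to be the UDP payload of a DHCP reply.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
OPT_PAD, OPT_DNS, OPT_END = 0, 6, 255

def dns_servers_from_dhcp(packet: bytes) -> list[str]:
    """Return the DNS servers (option 6) carried in a raw DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    servers, i = [], 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:              # pad is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if code == OPT_DNS:
            if length == 0 or length % 4:
                raise ValueError("option 6 length must be a non-zero multiple of 4")
            servers += [str(ipaddress.IPv4Address(value[j:j + 4]))
                        for j in range(0, length, 4)]
        i += 2 + length
    return servers

def leaked_resolvers(packet: bytes, router_ip: str) -> list[str]:
    """Offered resolvers that would let a client bypass the router's dnsmasq."""
    return [s for s in dns_servers_from_dhcp(packet) if s != router_ip]

def build_ack(dns_ips: list[str]) -> bytes:
    """Constructed sample DHCPACK: zeroed BOOTP header plus a few options."""
    header = struct.pack("!BBBB", 2, 1, 6, 0) + bytes(232)   # op=BOOTREPLY
    dns = b"".join(ipaddress.IPv4Address(ip).packed for ip in dns_ips)
    options = (bytes([53, 1, 5])                 # message type = ACK
               + bytes([OPT_PAD])
               + bytes([OPT_DNS, len(dns)]) + dns
               + bytes([OPT_END]))
    return header + MAGIC_COOKIE + options

ROUTER = "192.168.10.10"                             # router address from the question
before = build_ack([ROUTER, "8.8.8.8", "8.8.4.4"])   # constructed: the reported behaviour
after = build_ack([ROUTER])                          # constructed: the intended result
print(leaked_resolvers(before, ROUTER), leaked_resolvers(after, ROUTER))
```

An empty result means the lease offers only the router, so every lookup passes through its dnsmasq rules for internal names.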

Solution 2

Info taken from the official DD-WRT site: http://www.dd-wrt.com/wiki/index.php/OpenDNS

It appears you can set the remaining DNS servers to non-routable IPs (in my case 10.0.0.0 & 10.0.0.1) and it will squeeze out your ISP's DNS servers with these non-routables. So far for me it seems to be working without any delay waiting on the non-existent DNS servers.

Solution 3

I am not using DDWRT, so this is half-question / half-answer.

The manual "DNSMasq as DHCP server" says in the section "Extra DNSMasq options":

There are some extra options in the web interface for DNSMasq that you can set by entering them in Additional DNSMasq Options on the "Services" tab.

If you wish to pass through the DNS servers from your ISP, you can use the following parameters:

dhcp-option=6, x.x.x.x, y.y.y.y

where x.x.x.x = DNS1 and y.y.y.y = DNS2

This seems to mean that passing the ISP servers is optional, so locating and deleting the above line should turn it off.

Solution 4

A typical configuration option for DD-WRT is to allow the router to route DNS outside of the ISP's primary DNS servers, which you have successfully done; however, since the requests are generated from the client machine connecting to the router, the order of preference is always given to the configured DNS on the client's machine, and then to the router.

What you are describing happening is that the client is associating with your router, which is correct, but their DNS shows your router IP + 2 other DNS settings. Please check the client computer, and make sure that their IPv4 settings are set to dynamically pull the DNS server configuration from the connection, and not manually configure it:

Configuring Client

Then, make sure you have your DD-WRT router setup properly:

Configure Router

In your configuration above, you also have some issues; you have set the DHCP address range to start at 200 and end at 255; I would recommend you change that to start at 200 and end at 254; leaving the 255 address off, given that for normal configurations *.*.*.255 is a broadcast address, and not a normal IP address to use to assign to the associated client.

I highlighted the local DNS settings because you set yours to 127.0.0.1; which means you are running a local DNS server on the router. If this isn't the case, then change it to 0.0.0.0, or a proper address to a local DNS server on your network.

You'll notice that when the server & client are configured in this manner, only the router's DNS IP address will appear; and all requests will be routed through the DNS servers associated w/ the router.

Note on local DNS server: If you wish the router to associate certain local addresses to local IPs, you can add those to the DNSMasq configuration options in the proper DD-WRT screen, or use a local DNS server, and put in a proper IP address for that server (usually a static server, within the scope of the network). This way, the order of resolution will be the local server first, then the 2 external. But, still only the clients will see the router IP as the DNS server.

Solution 5

If you do not want clients to reach external DNS, do not put their addresses in your DHCP server config.

I suppose you wanted to add (eventually faster) Google's DNS servers in a configuration of external DHCP Client (where DNSMASQ would take its DNS client preferences).

Extra:

You have to add extra (all) DNS servers to the WAN link configuration. DNSMasq will use them and never the ones the DHCP client would acquire from the provider.

Author by

0x6A75616E

Updated on September 18, 2022

Comments

  • 0x6A75616E
    0x6A75616E over 1 year

    I have a DD-WRT (using DD-WRT v24SP2-MULTI (03/21/11) std) router set up with DNSMasq to resolve certain domains to internal addresses and pass everything else thru. The router itself is configured to use Google’s public DNS servers to resolve addresses.

    My setup screen looks like this:

    DDWRT Setup Screen

    My problem is that when a DHCP client connects, they get the router plus Google’s two DNS servers as the assigned DNS servers:

    DNS servers assigned by DHCP

    This is a problem because sometimes wireless clients try to resolve a domain that is supposed to point to an internal IP address and end up getting an external IP instead because for whatever reason their request is sent to 8.8.8.8 instead of to the router.

    I don’t want the router to serve anything but its own IP as the DNS server. Is that possible?

    • henry700
      henry700 over 12 years
      I may be mistaken, but since that is the DHCP server configuration section you are explicitly telling your router to provide those Google servers as DNS options for clients. You want to remove those from the list, and then configure the router to get its own DNS from Google; perhaps the answer below is the proper way to do this.
    • 0x6A75616E
      0x6A75616E over 12 years
      If I remove those, the router will provide the servers that it got from the ISP via DHCP..
    • henry700
      henry700 over 12 years
      You say "for whatever reason" several times in your post and comments. THIS is the reason that 8.8.8.8 is passed to the clients. Because you told it to. If you don't want that reported, you need to remove it. If your router is a DNS server, then try your router's address ONLY.
    • 0x6A75616E
      0x6A75616E about 12 years
      @horatio, not really.. My point is why is the DHCP server giving out any additional DNS addresses at all. If dnsmasq is on the device and applying certain name resolution rules, serving additional DNS servers (besides the router itself) defeats that purpose.
    • henry700
      henry700 about 12 years
      That section is a list of DNS servers to be given out to clients which request DHCP information.
    • 0x6A75616E
      0x6A75616E about 12 years
      @horatio, I understand that.. however, if I leave them empty, the DHCP server will serve DNS servers it got from my ISP instead. So there is no way to keep it from just serving the router's IP as the only dns server to clients.
    • 0x6A75616E
      0x6A75616E about 12 years
      @kinokijuf that's a nice opinion. Too bad it's off-topic and non-constructive :(
    • Piotr Dobrogost
      Piotr Dobrogost over 2 years
      Have you tried putting router's IP address in each of the three Static DNS fields?
  • thane
    thane over 12 years
    I would set dhcp-option=6,192.168.10.10 to pass that IP address as DNS server IP to DHCP clients.
  • 0x6A75616E
    0x6A75616E over 12 years
    Thanks for the pointer. I tried that on both uDHCPd (which is the DNS daemon I was using on ddwrt) and DNSMasq (switched to it) but to no avail :(. It keeps serving the additional dns records for whatever reason.
  • harrymc
    harrymc over 12 years
    In that case you should maybe post the question on the DD-WRT forums.
  • 0x6A75616E
    0x6A75616E over 12 years
    thanks for your contribution, but that doesn't make much sense in the context of the question. DNSMasq works by forwarding dns requests from clients to real DNS servers with the ability to modify some responses on the fly. If I removed the dns servers from the config, the router just reverts to the ISP-assigned servers. You're answering my question by saying "fix your configuration" but the question itself is "how to fix the configuration".
  • 0x6A75616E
    0x6A75616E about 12 years
    Thanks for your answer! I've made sure all of the clients on the network don't have DNS servers hard coded. In fact, in every case 192.168.10.10 (the router itself) comes back as the first DNS server to hit. What happens is that some computers randomly hit the secondary DNS servers that DHCP is currently providing.. I've tried a million things and it just looks like there's no way to have it only serve itself. I might end up running some other dnsmasq instances on a different machine and use it as dns2 and dns3.. such a hack! lol. thx again.
  • 0x6A75616E
    0x6A75616E almost 12 years
    that's actually not a bad idea... I might just set up dhcp on another box and quit screwing around with ddwrt.
  • Mantriur
    Mantriur about 8 years
    This problem still exists in my Feb 2016 build, seems to be a feature. I'm ditching the router and am going to back to a Linux PC for this. People building router software should really have a better understanding of the privacy issues that come with this unexpected, uncommon, and irresponsible behavior of the GUI. If I have to hack stuff together myself, there's really no point in using a comparatively complicated and limited system. And when you're running DNS and DHCP already on another machine, what's left for the router? Packet pushing?
  • Mantriur
    Mantriur about 8 years
    There won't be a delay, because non-routable addresses will get dropped by the network stack immediately. It creates a minor amount of overhead and is a hack, but there should be no real world problems.
  • Residualfail
    Residualfail over 7 years
    This seems to have worked perfectly for myself. Very dumb question though. Which part of that first line specifies DHCP option 006? option:dns-server?
  • palswim
    palswim over 7 years
    @Residualfail: Yep; I think you can specify it numerically as well, but option:dns-server corresponds to DHCP option 006.
  • Residualfail
    Residualfail over 7 years
    Seems I might've spoken too soon. It doesn't look like DNS is falling back to Google's DNS after my internal DNS is shut down. =(