FritzBox 7490: Handing out a secondary internal DNS via DHCP impossible?

10,714

Can't answer the question as given, but here's an alternative:

Let the Fritzbox hand out its own address for DNS via DHCP, as is the default. Configure the first of the two external DNS servers of the Fritzbox to be your DNS proxy (192.168.178.5), and the second your ISP's DNS server, or Google's, or whatever.

Configure your DNS proxy to use the ISP's DNS server directly.

Result: A DNS client making a DNS lookup will contact the Fritzbox. The Fritzbox will relay the lookup to your DNS proxy server. If the proxy server is down, the Fritzbox will use the ISP's DNS server.

Which should give the result you want. If the Fritzbox ever goes down, you'll have no internet, anyway, so that shouldn't be an issue.

All this assumes the Fritzbox uses the DNS servers in the order given, and doesn't override them with your ISP's servers, which it may or may not do, so that needs testing.

Author: Steve22

Updated on September 18, 2022
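
One way to run the test the answer calls for, as an added example that is not part of the original answer: ask the Fritzbox for a name on the Pi-hole's blocklist and check whether the reply carries the Pi-hole's block address. It assumes the Pi-hole answers blocked names with 0.0.0.0 (its default blocking mode); the function names and the sample reply are constructed for illustration.

```python
import socket
import struct

BLOCK_SENTINEL = "0.0.0.0"  # assumption: Pi-hole answers blocked names with 0.0.0.0

def build_query(name, qid=0x1234):  # recursive A/IN query for name
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00\x00\x01\x00\x01"

def _skip_name(msg, off):  # offset just past a (possibly compressed) name
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)  # a pointer is 2 bytes, the root label 1

def parse_a_records(msg):
    """Return the IPv4 addresses in the answer section of a DNS response."""
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, rdlen = struct.unpack("!H6xH", msg[off:off + 10])  # 6x skips class and TTL
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return addrs

def classify(addrs):
    """Say whether the answer for a blocklisted name came through the Pi-hole."""
    if not addrs:
        return "no-answer"
    return "via-pihole" if all(a == BLOCK_SENTINEL for a in addrs) else "bypassed-pihole"

def probe(resolver, blocked_name, timeout=3.0):
    """Query resolver (e.g. 192.168.178.1) for a blocklisted name and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(blocked_name), (resolver, 53))
            return classify(parse_a_records(s.recvfrom(512)[0]))
        except socket.timeout:
            return "timeout"

# Constructed sample reply for "ads.example": one A record holding 0.0.0.0.
SAMPLE_BLOCKED = (b"\x12\x34" + struct.pack("!5H", 0x8180, 1, 1, 0, 0)
                  + build_query("ads.example")[12:]
                  + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(4))
```

Call `probe("192.168.178.1", name)` with a name from your own blocklist, once with the Pi-hole running and once with it stopped. `via-pihole` followed by `bypassed-pihole` means ordering and fallback both work; `bypassed-pihole` while the Pi-hole is up means the Fritzbox is not preferring the first server, and `timeout` while it is down means there is no fallback.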

Comments

  • Steve22
    Steve22 almost 2 years

    I have a Fritz!Box 7490 residential DSL/Modem/Router by AVM.

    Additionally I run a DNS server at 192.168.178.5 (actually a Pi-hole Ad Blocker) which I have set in the Fritz!Box's DHCP settings as the DNS address to be distributed via DHCP to all clients. ²

    So when clients request an IP from the Fritz!Box, they are automatically told to send DNS requests to 192.168.178.5. So far, so good.

    The problem is, if this DNS server goes down (updates, reboot, anything), all clients lose the ability to resolve domains (i.e. no more internet). Therefore, I'd like to give them a secondary DNS to use in case the first is unavailable. This secondary DNS could even be the Fritz!Box itself (192.168.178.1), in which case ad-blocking won't work anymore but at least the internet access wouldn't be broken for them.

    Seems easy enough, right? Well, unfortunately, the Fritz!Box GUI does not allow me to specify a secondary DNS to be distributed via DHCP (the GUI simply only has one field for one internal DNS server, whatever the reason for that might be). Elsewhere it does have fields for two external DNS servers to be used by the Fritz!Box itself if it acts as the DNS server itself but that's not useful or relevant in my scenario (those are set to OpenDNS servers).

    So, seeing as it's not possible to set a secondary DNS in the GUI, I have looked into the configuration file (which you can access by downloading a backup of the Fritz!Box and opening it in a text editor). The relevant section for the LAN DNS server is:

    dhcpserver {
            saveinterval = 1h;
            generic {
                    default_lease_time = 10d;
                    max_lease_time = 13d;
            }
            lan_dns4_server = 192.168.178.5;
    }
    

    Does anyone know how I can add a secondary DNS server here?

    I'm really desperate, and removing the whole DHCP functionality from the Fritz!Box and setting up my own DHCP server to get around the fact that the Fritz!Box can't seem to give out a secondary DNS unfortunately is not an option, as it breaks several functions of the Fritz!Box (such as the built-in VPN and others).

    ² Setting the DNS that should be given to DHCP clients is done on the web interface at "Home Network > Home Network Overview > Tab 'Network Settings' > Button 'IPv4 Addresses'" (German: Heimnetz > Heimnetzübersicht > Netzwerkeinstellungen > Schaltfläche IPv4-Adressen).

    Hope you can help. Thanks.

    • Tim_Stewart
      Tim_Stewart over 6 years
      Why not set the second DNS statically on the client adapter? Or just run a separate DHCP serving application?
    • Timo
      Timo about 3 years
      I have a 6591 and cannot enter a second DNS server elsewhere. In the DHCP settings of the FB I put the Fritzbox IP as DNS, and on the client the Pi-hole IP in the resolv env, but this does not work. Maybe the Pi-hole IP has to be set in the Fritzbox? My dhcpserver setting in the FB config file is lan_dns4_server = 0.0.0.0;
    • nickdos
      nickdos almost 3 years
      Just trying to set up a new Fritzbox and have hit the same issue. Every other router I've used has the option to enter 2 DNS servers for the same reasons you stated, so mind-boggling that Fritzbox doesn't allow this. I've heard the beta firmware offers more/better functionality so that seems to be my last resort before returning this device.
    • Admin
      Admin about 2 years
      I just forwarded this issue to the AVM customer support. Let's hope that we get a fix for this in some of the next versions!
  • Steve22
    Steve22 over 6 years
    Thought of that and already tried that, as it was originally recommended in many Pihole tutorials (has since been changed). The issues are manifold: 1) Internal resolution of clients to their internal FQDN on the Pi web interface (reverse lookups, so as to identify clients who make potentially rogue DNS requests) becomes impossible, killing some of the Pihole's appeal. 2) For unknown reasons this makes everything incredibly slow, sites can take many seconds to load now. It's apparently an issue with other routers as well, which is why it's now recommended to advertise the Pihole via DHCP.
  • Scott - Слава Україні
    Scott - Слава Україні about 6 years
    If that blog is yours (as it appears to be) please say so explicitly in your answer.