10

I have a DD-WRT (using DD-WRT v24SP2-MULTI (03/21/11) std) router set up with DNSMasq to resolve certain domains to internal addresses and pass everything else thru. The router itself is configured to use Google’s public DNS servers to resolve addresses.

My setup screen looks like this:

[image: DD-WRT Setup screen]

My problem is that when a DHCP client connects, they get the router plus Google’s two DNS servers as the assigned DNS servers:

[image: DNS servers assigned by DHCP]

This is a problem because sometimes wireless clients try to resolve a domain that is supposed to point to an internal IP address and end up getting an external ip instead because for whatever reason their request is sent to 8.8.8.8 instead of to the router.

I don’t want the router to serve anything but its own IP as the DNS server. Is that possible?

Giacomo1968
  • 58,727

8 Answers

7

It's good that you're using DNSMasq.

You can configure what you want in the Services tab (Services > Services), in the DNSMasq > Additional DNSMasq Options box, but first, you'll want to clear those Static DNS fields.

[image: Static DNS fields in "Setup > Basic Setup"]

Add the following to the DNSMasq options box:

# DHCP option 006: the only DNS server handed out to DHCP clients
dhcp-option=option:dns-server,192.168.10.10

# DNSMasq will use these servers for forwarding the DNS requests that it can't serve
server=8.8.8.8
server=8.8.4.4
palswim
  • 3,601
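As an added example (not from palswim's answer and not part of DD-WRT), here is a small Python audit of the text pasted into that options box. It parses dnsmasq's `dhcp-option` syntax (the numeric `6` form and the `option:dns-server` form, with or without `tag:`/`net:` selectors), substitutes the router's own address for `0.0.0.0` the way dnsmasq does, and flags any resolver that would be handed to DHCP clients from outside the LAN. The two sample configurations, the LAN 192.168.10.0/24 and the router address 192.168.10.1 are assumptions made for the illustration.

```python
"""Audit DD-WRT's 'Additional DNSMasq Options' text: which resolvers will DHCP
clients be told to use (option 6), and are all of them on the LAN?"""
import ipaddress

DNS_OPTION_NAMES = {"6", "option:dns-server"}
NO_DNS_OPTION = "no dhcp-option for dns-server: clients get DD-WRT's default list"

# Constructed samples (assumed LAN 192.168.10.0/24, router 192.168.10.1).
EXAMPLE_FIXED = """\
dhcp-option= option:dns-server, 192.168.10.10 # DHCP option 006
server = 8.8.8.8 # forwarders used by dnsmasq itself, never given to clients
server = 8.8.4.4
"""
EXAMPLE_LEAKY = "dhcp-option=6,192.168.10.1,8.8.8.8,8.8.4.4\n"


def parse_dnsmasq(text):
    """Split dnsmasq config text into (option, value) pairs.

    Comments ('#' to end of line) and surrounding whitespace are dropped, so
    'server = 8.8.8.8 # comment' and 'server=8.8.8.8' parse the same way.
    """
    pairs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, _, value = line.partition("=")
        pairs.append((key.strip(), value.strip()))
    return pairs


def dhcp_dns_servers(pairs, router_ip):
    """Return {selector: [addresses]} for every dhcp-option that sets option 6.

    dnsmasq accepts '6,...' and 'option:dns-server,...', optionally prefixed by
    tag:/net: selectors; 0.0.0.0 stands for the address of the dnsmasq host.
    """
    handed_out = {}
    for key, value in pairs:
        if key not in ("dhcp-option", "dhcp-option-force"):
            continue
        fields = [f.strip() for f in value.split(",") if f.strip()]
        tags = []
        while fields and fields[0].split(":")[0] in ("tag", "net"):
            tags.append(fields.pop(0))
        if not fields or fields[0] not in DNS_OPTION_NAMES:
            continue
        addrs = [router_ip if a == "0.0.0.0" else a for a in fields[1:]]
        handed_out.setdefault(",".join(tags) or "(all clients)", []).extend(addrs)
    return handed_out


def upstream_forwarders(pairs):
    """Return the 'server=' entries: where dnsmasq itself forwards queries."""
    return [value for key, value in pairs if key == "server"]


def audit(text, lan_cidr, router_ip):
    """Findings for resolvers handed to clients from outside the LAN, or none at all."""
    lan = ipaddress.ip_network(lan_cidr)
    handed_out = dhcp_dns_servers(parse_dnsmasq(text), router_ip)
    findings = []
    if not handed_out:
        findings.append(NO_DNS_OPTION)
    for selector, addrs in handed_out.items():
        for addr in addrs:
            if ipaddress.ip_address(addr) not in lan:
                findings.append(f"{selector}: {addr} is outside {lan}; "
                                "clients can bypass the router's resolver")
    return findings


if __name__ == "__main__":
    for name, text in (("fixed", EXAMPLE_FIXED), ("leaky", EXAMPLE_LEAKY)):
        print(name, audit(text, "192.168.10.0/24", "192.168.10.1") or "OK")
```

The point of the check is the split between the two directions of DNS traffic: `server=` lines are where the router forwards, `dhcp-option ... dns-server` lines are what the clients are told. Only the second list needs to be LAN-only; if it is empty, DD-WRT fills it from its own fields, which is the situation in the question.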
4

I am not using DDWRT, so this is half-question / half-answer.

The manual "DNSMasq as DHCP server" says in the section "Extra DNSMasq options":

There are some extra options in the web interface for DNSMasq that you can set by entering them in Additional DNSMasq Options on the "Services" tab.

If you wish to pass through the DNS servers from your ISP, you can use the following parameters:

dhcp-option=6, x.x.x.x, y.y.y.y

where x.x.x.x = DNS1 and y.y.y.y = DNS2

This seems to mean that passing the ISP servers is optional, so locating and deleting the above line should turn it off.

harrymc
  • 498,455
4

Info taken from the official DD-WRT site: http://www.dd-wrt.com/wiki/index.php/OpenDNS

It appears you can set the remaining dns servers to non-routable IPs (in my case 10.0.0.0 & 10.0.0.1) and it will squeeze out your ISPs DNS servers with these non-routables. So far for me it seems to be working without any delay waiting on the non-existent DNS servers.

Giacomo1968
  • 58,727
3

A typical configuration option for DD-WRT is to allow the router to route DNS outside of the ISP's primary DNS servers, which you have successfully done; however, since the requests are generated from the CLIENT machine connecting TO the router, the order of preference is always given to the configured DNS on the client's machine, and then to the router.

What you are describing is that the client is associating with your router, which is correct, but its DNS shows your router IP + 2 other DNS settings. Please check the client computer, and make sure that its IPv4 settings are set to dynamically pull the DNS server configuration from the connection, and not manually configured:

[image: Configuring Client]

Then, make sure you have your DD-WRT router setup properly:

[image: Configure Router]

In your configuration above, you also have some issues; you have set the DHCP address range to start at 200 and end at 255. I would recommend you change that to start at 200 and end at 254, leaving the 255 address off, given that for normal configurations *.*.*.255 is a broadcast address, and not a normal IP address to assign to an associated client.

I highlighted the local DNS settings because you set yours to 127.0.0.1; which means you are running a local DNS server on the router. If this isn't the case, then change it to 0.0.0.0, or a proper address to a local DNS server on your network.

You'll notice that when the server & client are configured in this manner, only the router's DNS IP address will appear, and all requests will be routed through the DNS servers associated with the router.

Note on local DNS server: If you wish the router to associate certain local addresses with local IPs, you can add those to the DNSMasq configuration options in the proper DD-WRT screen, or use a local DNS server, and put in a proper IP address for that server (usually a static server, within the scope of the network). This way, the order of resolution will be the local server first, then the 2 external. But still, the clients will only see the router IP as the DNS server.

zackrspv
  • 1,893
2

If you do not want clients to reach external DNS do not put their addresses in your DHCP server config.

I suppose you wanted to add (possibly faster) Google's DNS servers in a configuration of an external DHCP client (where DNSMasq would take its DNS client preferences).

Extra:

You have to add the extra (all) DNS servers to the WAN link configuration. DNSMasq will use them and never the ones the DHCP client would acquire from the provider.

ZaB
  • 2,465
2

I've been having a similar problem after my router died and I've needed to get a flashed WRT160N running.

I have a box functioning as a local DNS server on 192.168.2.30 in my network. I basically want DHCP to only give out that address as a DNS server; I don't want DNS going anywhere else.

I'm using "Firmware: DD-WRT v24-sp2 (12/19/10) mini"

Doesn't seem to matter what combination of DNSMasq settings, DHCP settings, Local DNS, or whatever I use. If DNS Server 2 and DNS Server 3 are blank or match DNS Server 1, DD-WRT insists on handing out Comcast's DNS servers for those spots. I don't want this as I have 192.168.2.30 forwarding to OpenDNS for queries that aren't local.

I'm writing this off as a bug in this rather old (by now) version of DD-WRT and am going to be installing/configuring my own DHCP server on 192.168.2.30 and disabling DHCP on the router.

LawrenceC
  • 75,182
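The screenshot in the question and LawrenceC's observation both come from the DD-WRT GUI; what settles the matter is the DHCPOFFER/DHCPACK the client actually receives. The Python below is an added example, not code from this thread or from DD-WRT: it walks the fixed BOOTP header and the option TLVs that follow the magic cookie, concatenates repeated option 6 TLVs as RFC 3396 requires, and lists every resolver the server handed out and which of them lie outside the LAN. The packet itself is constructed by `build_offer` as a fixture (addresses 192.168.10.x are assumed); with a real capture you would pass the UDP payload of the offer, for example from `tcpdump -i wlan0 -s0 -w dhcp.pcap udp port 68` run on the client and any pcap reader, to `offered_dns_servers`.

```python
"""Decode the DNS servers (DHCP option 6) a DHCP server actually offers."""
import ipaddress
import struct

BOOTP_HEADER_LEN = 236
MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_END = 0, 255
OPT_DNS, OPT_MSG_TYPE, OPT_SERVER_ID = 6, 53, 54
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def parse_options(payload):
    """Return {code: bytes} from a BOOTP/DHCP UDP payload.

    Repeated codes are concatenated (RFC 3396), so a resolver list split
    over several option 6 TLVs is still read as one list.
    """
    start = BOOTP_HEADER_LEN + len(MAGIC_COOKIE)
    if len(payload) < start or payload[BOOTP_HEADER_LEN:start] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet (magic cookie missing)")
    opts, i = {}, start
    while i < len(payload):
        code = payload[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = opts.get(code, b"") + value
        i += 2 + length
    return opts


def message_type(payload):
    """Human-readable DHCP message type (option 53)."""
    raw = parse_options(payload).get(OPT_MSG_TYPE, b"")
    return MSG_TYPES.get(raw[0], "UNKNOWN") if raw else "NONE"


def offered_dns_servers(payload):
    """Resolver addresses in option 6, in the order the server sent them."""
    raw = parse_options(payload).get(OPT_DNS, b"")
    if len(raw) % 4:
        raise ValueError("option 6 length is not a multiple of 4")
    return [str(ipaddress.IPv4Address(raw[k:k + 4])) for k in range(0, len(raw), 4)]


def off_lan_resolvers(payload, lan_cidr):
    """The offered resolvers a client could reach without going through the router."""
    lan = ipaddress.ip_network(lan_cidr)
    return [a for a in offered_dns_servers(payload) if ipaddress.ip_address(a) not in lan]


def build_offer(yiaddr, server_id, dns_servers, xid=0x3903F326):
    """Construct a minimal DHCPOFFER payload (a test fixture, not a capture)."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        2, 1, 6, 0, xid, 0, 0,                 # op=BOOTREPLY, htype=ether, hlen, hops, xid, secs, flags
        b"\0" * 4,                              # ciaddr
        ipaddress.IPv4Address(yiaddr).packed,   # yiaddr: the lease being offered
        b"\0" * 4, b"\0" * 4,                   # siaddr, giaddr
        b"\x00\x11\x22\x33\x44\x55" + b"\0" * 10,  # chaddr (assumed client MAC)
        b"\0" * 64, b"\0" * 128)                # sname, file
    dns_blob = b"".join(ipaddress.IPv4Address(a).packed for a in dns_servers)
    options = (bytes([OPT_MSG_TYPE, 1, 2])
               + bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_id).packed
               + bytes([OPT_DNS, len(dns_blob)]) + dns_blob
               + bytes([OPT_END]))
    return header + MAGIC_COOKIE + options


def sample_leaky_offer():
    """What the question's screenshot amounts to: router plus two public resolvers."""
    return build_offer("192.168.10.201", "192.168.10.1",
                       ["192.168.10.1", "8.8.8.8", "8.8.4.4"])


def sample_split_offer():
    """Same list, but with the third resolver sent in a second option 6 TLV."""
    base = build_offer("192.168.10.201", "192.168.10.1", ["192.168.10.1", "8.8.8.8"])
    return base[:-1] + bytes([OPT_DNS, 4]) + ipaddress.IPv4Address("8.8.4.4").packed + bytes([OPT_END])


if __name__ == "__main__":
    pkt = sample_leaky_offer()
    print(message_type(pkt), offered_dns_servers(pkt),
          "off-LAN:", off_lan_resolvers(pkt, "192.168.10.0/24"))
```

Whatever the GUI shows, the list returned by `offered_dns_servers` is the one the client's stack installs; a client that prefers the second or third entry (as the question describes) will send internal names to those addresses, so the goal is an empty `off_lan_resolvers` result.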
1

Added a few years late because I stumbled upon this searching for an answer... I added virtual interfaces to my pi-hole to handle 2 more ip addresses.

eth0 192.168.10.10
eth0.1 192.168.10.11
eth0.2 192.168.10.12

This allowed me to populate all 3 boxes with local addresses and have it hand out enough that, even though the dd-wrt router is handing out 5 (3 local and the 2 upstream ISP DNS), my machines won't hit them.

dave
  • 11
0

Chiming in with a less hacky method: If it's your LAN and your DNS, I'm sure there are some addresses to spare for having the DNS listen on three IPs.

The gain over having non-routable addresses should be irrelevant in practice, but at least you're not relying on something being broken and the router's response to it. You can never be sure that won't change some day.

Mantriur
  • 281