[Solved]DNS settings not taking effect

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.)
Author Message
sjdwrt
DD-WRT Novice


Joined: 30 Jan 2017
Posts: 10

PostPosted: Mon Jun 24, 2019 16:14    Post subject: [Solved]DNS settings not taking effect Reply with quote
I changed my DNS settings on my wrt1900acsv2 (Firmware: DD-WRT v3.0-r40009 std (06/11/19)) to not use the default ISP DNS server and instead use Cloudflare DNS servers with Google DNS as the alternative. I have attached the screenshots of my setup. After rebooting the router, when I run traceroute to google.com ip on the dd-wrt ssh console it shows it is using the ISP DNS. Any idea what could be wrong with my setup?

Last edited by sjdwrt on Tue Jun 25, 2019 13:35; edited 1 time in total
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Mon Jun 24, 2019 16:50    Post subject: Reply with quote
When you use the no-resolv directive, that assumes you will also define your preferred DNS servers in the DNSMasq config file, which is accessible via the Additional DNSMasq Options field on the Services page.

Code:
no-resolv
server=8.8.8.8
server=8.8.4.4
server=1.1.1.1
server=1.0.0.1

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
sjdwrt
DD-WRT Novice


Joined: 30 Jan 2017
Posts: 10

PostPosted: Mon Jun 24, 2019 18:21    Post subject: Reply with quote
I have that - since the additional options window has a scroll bar those settings did not appear in the attached image.

strict-order
server=1.1.1.1
server=1.0.0.1
server=8.8.8.8

Thinking more about it, I guess on the traceroute the 192.168.1.254 is probably the wan port that dd-wrt router is talking to my ISP router - so is it possible that the correct DNS server is being used? How to verify that from the ssh console? I tried
"cat /proc/net/ip_conntrack"" as suggested in a forum post but that file does not exist anymore.
zakaron
DD-WRT User


Joined: 03 Jun 2016
Posts: 87

PostPosted: Mon Jun 24, 2019 18:54    Post subject: Reply with quote
I have a very similar setup as you with the options:

no-resolv
server=x.x.x.x

in the DNSmasq option list in order to use custom DNS servers rather than ISP supplied servers from DHCP. If you want to verify that the router is actually using the DNS you specify, go to the Status page, scroll to the bottom, then click the number of "Active IP Connections". In the pop-up window, you can sort by service type, then look for any outside DNS connections and this will show what external server it is talking to.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Mon Jun 24, 2019 19:10    Post subject: Reply with quote
sjdwrt wrote:
I have that - since the additional options window has a scroll bar those settings did not appear in the attached image.

strict-order
server=1.1.1.1
server=1.0.0.1
server=8.8.8.8

Thinking more about it, I guess on the traceroute the 192.168.1.254 is probably the wan port that dd-wrt router is talking to my ISP router - so is it possible that the correct DNS server is being used? How to verify that from the ssh console? I tried
"cat /proc/net/ip_conntrack"" as suggested in a forum post but that file does not exist anymore.


Take a look at my signature where I provide a link to where I talk about preventing DNS leaks w/ VPNs. Although you're not using a VPN, there is relevant information regarding how to tell w/ certainty (yes, using ip_conntrack) which DNS servers are being used, and from which network interface (which is only of concern for VPN users).

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
sjdwrt
DD-WRT Novice


Joined: 30 Jan 2017
Posts: 10

PostPosted: Mon Jun 24, 2019 19:48    Post subject: [Solved]:DNS settings not taking effect Reply with quote
Thank you so much for your help. I checked the active IP connections and on looking at dns entries it shows remote server address as 1.1.1.1 (and the other 2 as well). Also I checked the /proc/net/nf_conntrack and it also has entries for the DNS servers when I greped for dport=53. So I think the router is correctly using the configured DNS servers and not the ISP DNS. Once again thank you for all your help.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Marvell MVEBU based Hardware (WRT1900AC etc.) All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum