Posted: Sun Mar 06, 2022 6:52 Post subject: R7000 no DNS config works
I have reset to factory defaults and flashed to latest (Firmware: DD-WRT v3.0-r48432 std (03/01/22)).
In an effort to get ANY DNS to work I have tried using default settings (to use my ISP DNS) and that did not work.
I have tried many configurations (and read so many posts and tutorials I can't keep track and am at my wit's end) but currently have it set to use Cloudflare DNS. I have attached screenshots of this config. (Please let me know if there are other relevant settings I might be missing!)
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Sun Mar 06, 2022 7:49 Post subject:
first make sure your NTP time is working and router receives correct time..
Basic set up>down at the bottom NTP time...
also disable 'Query DNS in strict order'
then try to add those lines to advanced DNSmasq options
no-resolv
server=1.1.1.1
server=1.0.0.1
there may be an option, where your ISP DNS is forcing a strict use of their DNS provided...but, as you tried already ISP dns and it's not working this is suspicious...
also to override it, in case of forced DNS try to turn on encrypt DNS option as a last measure...
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Sun Mar 06, 2022 8:20; edited 1 time in total
Joined: 08 May 2018 Posts: 14221 Location: Texas, USA
Posted: Sun Mar 06, 2022 11:48 Post subject:
I still haven't disabled query in strict order. And I don't use any static DNS entries, everything is via additional configs and I use forced DNS redirection option.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
just throwing this out --- I am a bit 'across the way' since I use the EA8500 ...but anyways:
kernel-panic69 wrote:
I still haven't disabled query in strict order. And I don't use any static DNS entries, everything is via additional configs and I use forced DNS redirection option.
haven't disabled query in strict order ---> yea, me either
I don't use any static DNS entries ---> nah, I use:
64.6.64.6
64.6.65.6
those two are public 'Verisign' DNS servers... they do DNSSEC also
I just never was a big fan of Cloudflare
everything is via additional configs ---> I never used such
use forced DNS redirection option ---> always & forever
Ignore WAN DNS ---> enabled
all is kinda currently moot for me since I enabled 'unbound' last week
NO special reason ---> only testing it see iffin the big guy, BS breaks somepin...it is worky all good
most likely & just for hellofit will go back to Verisign DNS soon
Posted: Mon Mar 07, 2022 2:12 Post subject: Re: R7000 no DNS config works
Firstly thank you all for the attempts at troubleshooting. I have tried all of the mentioned tips, but the problem remains that I cannot resolve DNS server.
I have noticed that my dnsmasq.conf file has a line that does not seem to be represented in the GUI and I am suspicious that it is causing the issue. I have bolded the suspicious line below (server=127.0.0.1#30)
The following images are my config, attempting to use Quad9 encrypted DNS, and here is my dnsmasq.conf file:
interface=br0
resolv-file=/tmp/resolv.dnsmasq
strict-order
server=127.0.0.1#30
no-resolv
dhcp-leasefile=/tmp/dnsmasq.leases
dhcp-lease-max=190
dhcp-option=br0,3,192.168.1.1
dhcp-authoritative
dhcp-range=br0,192.168.1.64,192.168.1.253,255.255.255.0,1440m
bogus-priv
conf-file=/etc/rfc6761.conf
clear-on-reload
stop-dns-rebind
dhcp-option=252,"\n"
cache-size=1500
no-resolv
server=9.9.9.9
server=9.9.9.10
please let me know if anybody knows where that server=127.0.0.1#30 is coming from and if that is normal.
You can lead a horse to water but you can't make it drink !
_________________
Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Tue Mar 08, 2022 15:42 Post subject:
latest thing using encrypted DNS option, usually adds this line to the DNSmasq.config
server=127.0.0.1#30
and shortly... this is how encrypted DNS works...
then, if you add other lines like those
server=9.9.9.9
server=1.1.1.1
you cause your own mess...as DNSmasq will get messy
you either use one of those options...either encrypted DNS or added servers= in advanced DNSmasq box
your best bet is to use only encrypted DNS....
if it's not working, then you must have troubles...more often NTP time is not correct...
choose correct time zone and,
add this IP to basic settings>ntp time box
162.159.200.1
this is cloudflare ntp time server...
then save apply and reboot...
for more advanced uses of DNS services check red and green links in my signature...
Just FYI to any others that see this. It simply started working again on its own. My only viable theory is that my ISP (Comcast Xfinity) did something that broke custom DNS or even encrypted DNS somehow and then fixed it.
I had encrypted DNS settings and it didn't work for days and then suddenly did with no changes to settings.
also NOTE:
the silly mozilla people with last few new FireFox browsers has 'DNS over HTTPS' enabled by default
so that will get around most common router settings unless you disable it...
which I always make sure 'DNS over HTTPS' is disabled because FF default is to use Cloudflare servers
for it AND I am NOT a fan of them
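Added example (not from any poster and not DD-WRT's own tooling): a shell function that audits a dnsmasq.conf for two issues raised in this thread, the encrypted-DNS loopback forwarder mixed with plain server= upstreams, and the lack of a rule answering Firefox's DoH canary domain use-application-dns.net locally. The finding names and the helper write_thread_conf are made up for illustration; the sample is an abridged copy of the config posted above.

```shell
#!/bin/sh
# Added example: audit a dnsmasq.conf for the problems discussed in this thread.
# Prints one finding code per line; prints nothing for a clean file.
audit_dnsmasq_conf() {
    awk -F= '
    { gsub(/[ \t\r]+$/, "") }                 # strip trailing blanks / CR
    /^[ \t]*#/ { next }                       # skip comment lines
    $1 == "server" {
        if ($2 ~ /^\//) {                     # per-domain rule: server=/domain/...
            if ($2 ~ /^\/use-application-dns\.net\//) { canary = 1 }
        } else if ($2 ~ /^(127\.|::1)/) {
            stub++                            # loopback forwarder (encrypted DNS stub)
        } else {
            plain++                           # ordinary upstream, queried as plain DNS
        }
    }
    $1 == "local" && $2 ~ /^\/use-application-dns\.net\// { canary = 1 }
    $1 == "no-resolv"   { noresolv = 1 }
    $1 == "resolv-file" { resolvfile = 1 }
    END {
        # Queries can reach the plain upstreams and bypass the encrypted stub.
        if (stub && plain)          print "MIXED_UPSTREAMS"
        # no-resolv disables reading resolv files, so resolv-file has no effect.
        if (noresolv && resolvfile) print "RESOLV_FILE_IGNORED"
        # No local answer for the canary: Firefox default DoH stays enabled.
        if (!canary)                print "NO_DOH_CANARY"
    }' "$1"
}

# Abridged copy of the dnsmasq.conf posted in the thread, written to path $1.
write_thread_conf() {
    cat > "$1" <<'EOF'
interface=br0
resolv-file=/tmp/resolv.dnsmasq
strict-order
server=127.0.0.1#30
no-resolv
cache-size=1500
no-resolv
server=9.9.9.9
server=9.9.9.10
EOF
}

# Demo: audit the thread's config.
tmp=$(mktemp) && write_thread_conf "$tmp" && audit_dnsmasq_conf "$tmp"
rm -f "$tmp"
```

On a router, point audit_dnsmasq_conf at the generated config file; a file with only the loopback server= line plus server=/use-application-dns.net/ produces no findings.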