DNS issue when using router for DNS

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
Cobra1582
DD-WRT User


Joined: 29 Nov 2011
Posts: 104

PostPosted: Thu Jul 07, 2022 21:27    Post subject: DNS issue when using router for DNS Reply with quote
Hi so I got myself a domain for my internal network to I can use lets encrypt certs on various VMs I run on my internal ESXI server as well as my Pis.

Being lazy and I created some DNS entry for subdomains on my internal network. I know not the best idea but nothing is accessable from outside of my internal network so should be safe and if they got inside then they could do nmap anyway.


If I use router DNS non of my devices can find any of my subdomains if I set 1.1.1.1 on the device works fine.

Waiting on a replacement pi to host pihole which will take over running local DNS and handle internal resolotions as I have a wildcard cert now so wont need to have the domains on the outside long term.

Just spotted for some reason my ISP DNS server are still present

IPv4 DNS 0 192.168.0.1
IPv4 DNS 1 1.1.1.1
IPv4 DNS 2 1.0.0.1
IPv4 DNS 3 8.8.8.8
IPv4 DNS 4 81.139.57.100
IPv4 DNS 5 81.139.56.100


not sure what i am doing wrong


cheers

D
Sponsor
dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1899

PostPosted: Thu Jul 07, 2022 21:31    Post subject: Reply with quote
Router model doesn't specifically matter, but what revision number of DD-WRT are you current running? Current releases have the ability to ignore WAN DNS as well as redirect DNS and DoT/DoH queries to DNSmasq on the router. Gratuitous visuals (screenshots) of all applicable configuration tabs would help work wonders in troubleshooting your situation.
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.

--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Cobra1582
DD-WRT User


Joined: 29 Nov 2011
Posts: 104

PostPosted: Thu Jul 07, 2022 22:33    Post subject: Reply with quote
Firmware: DD-WRT v3.0-r47381 std (09/08/21)
Time: 23:17:39 up 47 min, load average: 0.22, 0.07, 0.01

sorry that was stupid of me
Cobra1582
DD-WRT User


Joined: 29 Nov 2011
Posts: 104

PostPosted: Thu Jul 07, 2022 22:38    Post subject: Reply with quote
WAN
Configuration Type
Connection Type PPPoE
Login Status Connected
Access Concentrator Name acc-aln1.df
Connection Uptime 1:07:17
IPv4 Address
Gateway 172.16.13.163
IPv4 DNS 0 192.168.0.1
IPv4 DNS 1 1.1.1.1
IPv4 DNS 2 1.0.0.1
IPv4 DNS 38.8.8.8
IPv4 DNS 4 81.139.56.100
IPv4 DNS 5 81.139.57.100
Cobra1582
DD-WRT User


Joined: 29 Nov 2011
Posts: 104

PostPosted: Thu Jul 07, 2022 22:41    Post subject: Reply with quote
screen shot of pages that seem to cover DNS


router3.png
 Description:
 Filesize:  73.41 KB
 Viewed:  1217 Time(s)

router3.png



router2.png
 Description:
 Filesize:  47.98 KB
 Viewed:  1220 Time(s)

router2.png



router1.png
 Description:
 Filesize:  39.2 KB
 Viewed:  1220 Time(s)

router1.png


dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1899

PostPosted: Thu Jul 07, 2022 22:49    Post subject: Reply with quote
There's a checkbox on your WAN setup for ignore WAN DNS. Use it. But I would also recommend upgrading to the current release unless there is a valid reason not to (such as PPPoE not working).

https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2022/07-04-2022-r49418/


_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.

--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Cobra1582
DD-WRT User


Joined: 29 Nov 2011
Posts: 104

PostPosted: Fri Jul 08, 2022 9:15    Post subject: Reply with quote
thanks will update to new software over the weekend.

Everything had seemed to be working and as you re-enter all your details in again as it was not broken and was not aware of any security flaws I decided to stick with what I got.

Is there any way to quickly reconfigure the router as I know one not meant to use the backup file for different firmware?

Have switched on ignore wan DNS can't beleive i missed that lol thanks for the hellp
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Fri Jul 08, 2022 10:13    Post subject: Reply with quote
Cobra1582 wrote:
... as it was not broken and was not aware of any security flaws I decided to stick with what I got.


You wont be aware of any but the security flaws exist in 3rd party libraries and some are being actively exploited to variant degrees depends if you use the functionality or not, but openssl is one such example, so it is always better to run patched code than running exploitable code, its better to be safe than sorry.

All that has been patch in current public build http://ftp.dd-wrt.com/dd-wrtv2/downloads/betas/2022/07-04-2022-r49418/

All DD-WRT users should upgrade at the very least once a month minimum to keep up with security patches. Sadly these days every other day more exploits are found and patched and DD-WRT is prtty good at updating these 3rd party components as soon as they patch the code upstream its in our repos usually the same day the code is released.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum