DD-WRT :: View topic - [SOLVED] No Internet when Ignore WAN DNS is checked

[SOLVED] No Internet when Ignore WAN DNS is checked

DD-WRT Forum Index -> Broadcom SoC based Hardware

View previous topic :: View next topic

Author

Message

manchesterblack
DD-WRT User

Joined: 04 Mar 2021
Posts: 65
Location: Manchester

Posted: Mon Aug 15, 2022 16:34 Post subject: [SOLVED] No Internet when Ignore WAN DNS is checked

When I enable Ignore WAN DNS I get no internet connection
_________________
Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500

Smart DNS - YES

server-https https://9.9.9.9/dns-query
server-tls 9.9.9.9:853 -host-name: dns.quad9.net
server-tls 5.2.75.75:853 -host-name: dot.nl.ahadns.net
server-https https://1.1.1.1/dns-query

Additional VPN Configuration-
pull-filter ignore "dhcp-option DNS6 "
pull-filter ignore "dhcp-option DNS "

Dnsmasq Additional Options

server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
server=/adquard-dns.com/9.9.9.9

BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers

Sponsor

egc
DD-WRT Guru

Joined: 18 Mar 2014
Posts: 12889
Location: Netherlands

Posted: Mon Aug 15, 2022 17:07 Post subject:

@Manchesterblack I split off your post.

Please do not hijack a thread and post in the right forum.
(The original post was about a warning about the no-resolv flag set)

Please familiarize yourself with the forum guidelines:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087

dale_gribble39
DD-WRT Guru

Joined: 11 Jun 2022
Posts: 1940

Posted: Mon Aug 15, 2022 17:11 Post subject:

Do you have static DNS servers set on the Setup -> Basic Setup tab?
Do you have no-resolv and server= lines entered in the additional dnsmasq config textbox on the Services -> Services tab?

EDIT: I see you are using SmartDNS. Share applicable configuration pages / text.
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.
--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5

manchesterblack
DD-WRT User

Joined: 04 Mar 2021
Posts: 65
Location: Manchester

Posted: Tue Aug 16, 2022 8:03 Post subject:

Do you have static DNS servers set on the Setup -> Basic Setup tab? - Yes I do
Do you have no-resolv and server= lines entered in the additional dnsmasq config textbox on the Services -> Services tab? - Blank

EDIT: I see you are using SmartDNS. Share applicable configuration pages / text.

Screenshot 2022-08-16 at 10.30.09.png

Description:

Filesize:

2.82 MB

Viewed:

1146 Time(s)

_________________
Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500

Smart DNS - YES

server-https https://9.9.9.9/dns-query
server-tls 9.9.9.9:853 -host-name: dns.quad9.net
server-tls 5.2.75.75:853 -host-name: dot.nl.ahadns.net
server-https https://1.1.1.1/dns-query

Additional VPN Configuration-
pull-filter ignore "dhcp-option DNS6 "
pull-filter ignore "dhcp-option DNS "

Dnsmasq Additional Options

server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
server=/adquard-dns.com/9.9.9.9

BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers

Alozaros
DD-WRT Guru

Joined: 16 Nov 2015
Posts: 6440
Location: UK, London, just across the river..

Posted: Tue Aug 16, 2022 8:48 Post subject:

for VPN and DNScrypt, NTP time is a must...
if you cannot use your other DNS than this could mean your ISP or VPN
uses a forced DNS policy...but even thou you still can use encrypted DNS as you are using
DNScrypt or try SmartDNS encrypted DNS...via config rules..
to diagnose deeper you need to provide more details on your set up and what you've tried so far...

Just don't use SmartDNS along with Encrypted DNS option..just dont use them both with encryption options...

I'll rather use only SmartDNS, as it offers a better and more flexible config...
and you can have more than one DNS resolver...

Here is my SmartDNS set up (you can see my post where is my config)
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=323896&postdays=0&postorder=asc&start=135

as well for more details on DNScrypt or Stubby DNS green & red links in my signature Razz

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913

manchesterblack
DD-WRT User

Joined: 04 Mar 2021
Posts: 65
Location: Manchester

Posted: Tue Aug 16, 2022 10:09 Post subject:

Everything works well so no issues here. I updated to the latest DDWRT firmware and that seemed to have resolved all issues I had. Cheers mate.
_________________
Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500

Smart DNS - YES

server-https https://9.9.9.9/dns-query
server-tls 9.9.9.9:853 -host-name: dns.quad9.net
server-tls 5.2.75.75:853 -host-name: dot.nl.ahadns.net
server-https https://1.1.1.1/dns-query

Additional VPN Configuration-
pull-filter ignore "dhcp-option DNS6 "
pull-filter ignore "dhcp-option DNS "

Dnsmasq Additional Options

server=/pool.ntp.org/9.9.9.9
server=/pool.ntp.org/1.0.0.1
server=/adquard-dns.com/9.9.9.9

BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers

Display posts from previous:

Page 1 of 1

DD-WRT Forum Index -> Broadcom SoC based Hardware

All times are GMT

Navigation

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum

Log in

[SOLVED] No Internet when Ignore WAN DNS is checked

Quick Links

Log in