What's new

[AC68U] Custom DNS servers with USB modem?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Nazgulled

Regular Contributor
Hi,

It seems one can only set custom DNS servers on the WAN configuration, but these have no impact on the USB configuration, which I'm currently using (there's just no other way for me to have Internet right now). Using a USD modem to connect to the Internet, I always seem to get the DNS servers from the ISP.

How can I override these with my own (I want to use Google's DNS servers) in the router itself? I know I can override them on each machine using this Internet connection, but I didn't want to do this per device.
 
Anyone?

Isn't there some command I could run through telnet or SSH to set the DNS servers for a specific connection?
 
I was thinking I could change the contents of /tmp/resolv.conf and remove all write permissions to this file.

Would this work without breaking anything else?
 
I was thinking I could change the contents of /tmp/resolv.conf and remove all write permissions to this file.

Would this work without breaking anything else?
Just tried this, didn't work. I don't have much knowledge on the router filesystem but I guess this /tmp location is recreated on each reboot and my changes are overridden.
 
Your router runs dnsmasq which is acting like a "dns server" for your LAN. You can add more upstream servers into its config. One way to do that is to create /jffs/configs/dnsmasq.conf.add

Code:
# content of /jffs/configs/dnsmasq.conf.add
# append google dns servers
server=8.8.4.4
server=8.8.8.8

Then restart dnsmasq by command line "service restart_dnsmasq"
 
Your router runs dnsmasq which is acting like a "dns server" for your LAN. You can add more upstream servers into its config. One way to do that is to create /jffs/configs/dnsmasq.conf.add

Code:
# content of /jffs/configs/dnsmasq.conf.add
# append google dns servers
server=8.8.4.4
server=8.8.8.8

Then restart dnsmasq by command line "service restart_dnsmasq"
Looking at the system logs I knew that dnsmasq was the thing that I really had to configure to make this work but I just didn't know how...

Anyway, I just tested your suggestion and it worked when I first did it but now, after a reboot, it's not working. I thought it was not surviving reboots but then I restarted dnsmasq again and it seems my ISP DNS servers are still being used.

Isn't there a way to completely override the DNS servers somehow?
 
Not exactly... The DNS servers I add to dnsmasq.conf.add are exactly that "added to", they are not overriding anything. Which means my ISP DNS servers are still being used, I want to completely override them and use just my own. I'll still take a look at that thread and see if anything helps me out :)
 
Your router runs dnsmasq which is acting like a "dns server" for your LAN. You can add more upstream servers into its config. One way to do that is to create /jffs/configs/dnsmasq.conf.add

Code:
# content of /jffs/configs/dnsmasq.conf.add
# append google dns servers
server=8.8.4.4
server=8.8.8.8

Then restart dnsmasq by command line "service restart_dnsmasq"
Your post helped me when adding more redundant dnscrypt servers following other forum members examples, saved me from rebooting the router quite a bit.
 
Just went through that thread, couldn't find anything of use for my case...

Does anyone know how can I force my own DNS servers by completely override whatever comes from any WAN interface?

I think this will help you out, even though it is for using dnscrypt, just instead of using loopback address's (127.0.0.1#123456) use the dns address you want (example 8.8.8.8#53), the optional part (/jffs/scripts/firewall-start) of the tutorial will force all your devices to use what is listed in /jffs/configs/dnsmasq.conf.add .
In my case I specified the dns at 8.8.8.8 on my computers network adapter settings to test if the router will over-ride my computer's setting, it did indeed work, the router sent my dns queries to what I specified in /jffs/configs/dnsmasq.conf.add

Edit: Sorry Nazgulled I didn't understand. I get it now your ISP is forcing there DNS servers on you. I think dnscrypt is a easy solution for your because it will use a different port then 53. I think your isp is intercepting port 53. Maybe you could try adding- no-resolv to the dnsmasq.conf.add and then server=8.8.8.8 under that. See if it works by restarting dnsmasq.
 
Last edited:
I don't think my ISP is forcing me their DNS servers by intercepting requests or something like that (but I might be wrong), I probably didn't explain myself properly. Let me try that again:
  • When I reboot my router, I get the following dnsmasq entries in the system log:
    Code:
    Jan  1 00:00:15 dnsmasq[598]: started, version 2.69 cachesize 1500
    Jan  1 00:00:15 dnsmasq[598]: warning: interface tun21 does not currently exist
    Jan  1 00:00:15 dnsmasq[598]: asynchronous logging enabled, queue limit is 5 messages
    Jan  1 00:00:15 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:00:15 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:00:21 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:00:21 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:00:21 dnsmasq[598]: using nameserver 87.103.113.177#53
    Jan  1 00:00:21 dnsmasq[598]: using nameserver 87.103.113.145#53
    Jan  1 00:00:42 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:00:42 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:00:42 dnsmasq[598]: using nameserver 87.103.113.177#53
    Jan  1 00:00:42 dnsmasq[598]: using nameserver 87.103.113.145#53
    Jan  1 00:00:42 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:00:42 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:00:42 dnsmasq[598]: using nameserver 87.103.113.177#53
    Jan  1 00:00:42 dnsmasq[598]: using nameserver 87.103.113.145#53
    Jan  1 00:01:17 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:01:17 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:01:17 dnsmasq[598]: using nameserver 87.103.113.177#53
    Jan  1 00:01:17 dnsmasq[598]: using nameserver 87.103.113.145#53
    Jan  1 00:01:19 dnsmasq[598]: read /etc/hosts - 5 addresses
    Jan  1 00:01:19 dnsmasq[598]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:01:19 dnsmasq[598]: using nameserver 87.103.113.177#53
    Jan  1 00:01:19 dnsmasq[598]: using nameserver 87.103.113.145#53
    Jan  1 00:01:20 dnsmasq[598]: exiting on receipt of SIGTERM
    Jan  1 00:01:20 dnsmasq[816]: started, version 2.69 cachesize 1500
    Jan  1 00:01:20 dnsmasq[816]: warning: interface tun21 does not currently exist
    Jan  1 00:01:20 dnsmasq[816]: asynchronous logging enabled, queue limit is 5 messages
    Jan  1 00:01:20 dnsmasq[816]: read /etc/hosts - 5 addresses
    Jan  1 00:01:20 dnsmasq[816]: read /etc/hosts.dnsmasq - 6 addresses
    Jan  1 00:01:20 dnsmasq[816]: using nameserver 87.103.113.177#53
    Jan  1 00:01:20 dnsmasq[816]: using nameserver 87.103.113.145#53
  • You can see the DNS servers from my ISP being referenced multiple times.
  • Then I created the /jffs/configs/dnsmasq.conf.add file with:
    Code:
    server=8.8.4.4
    server=8.8.8.8
  • Followed by restarting dnsmasq with service restart_dnsmasq command line.
  • I then get this in the system log:
    Code:
    Dec 29 01:17:10 dnsmasq[816]: exiting on receipt of SIGTERM
    Dec 29 01:17:10 dnsmasq[1753]: started, version 2.69 cachesize 1500
    Dec 29 01:17:10 dnsmasq[1753]: asynchronous logging enabled, queue limit is 5 messages
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 8.8.8.8#53
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 8.8.4.4#53
    Dec 29 01:17:10 dnsmasq[1753]: read /etc/hosts - 5 addresses
    Dec 29 01:17:10 dnsmasq[1753]: read /etc/hosts.dnsmasq - 6 addresses
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 8.8.8.8#53
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 8.8.4.4#53
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 87.103.113.177#53
    Dec 29 01:17:10 dnsmasq[1753]: using nameserver 87.103.113.145#53
    Dec 29 01:19:06 dnsmasq[1753]: exiting on receipt of SIGTERM
    Dec 29 01:19:06 dnsmasq[1770]: started, version 2.69 cachesize 1500
    Dec 29 01:19:06 dnsmasq[1770]: asynchronous logging enabled, queue limit is 5 messages
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 8.8.8.8#53
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 8.8.4.4#53
    Dec 29 01:19:06 dnsmasq[1770]: read /etc/hosts - 5 addresses
    Dec 29 01:19:06 dnsmasq[1770]: read /etc/hosts.dnsmasq - 6 addresses
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 8.8.8.8#53
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 8.8.4.4#53
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 87.103.113.177#53
    Dec 29 01:19:06 dnsmasq[1770]: using nameserver 87.103.113.145#53
  • Now I have 4 DNS servers and the ISP ones are the ones with an higher priority for some reason.
I want to avoid having those 4 DNS servers, I just want 2 and I want to be able to specify those 2. I looked through the link you posted but I'd rather follow some simpler approach (if possible), it shouldn't be that hard. Something must be missing to properly configure the DNS servers in some easy manner.
 
What about in the router's GUI. LAN--->DHCP Server---->Forward local domain queries to upstream DNS set it to OFF

I'm am just guessing.
 
What about in the router's GUI. LAN--->DHCP Server---->Forward local domain queries to upstream DNS set it to OFF
Just checked that setting and I had it OFF all long...

But I believe I just found a way to solve my problem and persist my change across reboots...

I created the /jffs/scripts/dnsmasq.postconf file with the following contents:

Code:
#!/bin/sh

CONFIG=$1

source /usr/sbin/helper.sh

pc_replace "resolv-file=/tmp/resolv.conf" "no-resolv" $CONFIG

pc_append "server=8.8.4.4" $CONFIG
pc_append "server=8.8.8.8" $CONFIG

nvram set wan1_dns="8.8.8.8 8.8.4.4"
The pc_replace line will make sure that dnsmasq won't be using the /tmp/resolv.conf file for the DNS servers (which gets populated somehow with my ISP DNS servers - this file contents is what I wanted to override but I can't seem to do that) and instead use the servers specified in the dnsmasq file itself, which is what the pc_append lines are doing.

The nvram set... line is not really needed, I just put it there so the changes are reflected in the Web UI. But I'm not really sure one should do "nvram set" commands inside a script file. Does anybody know!?

This is working nicely for me now. But I'm all hears if anyone has a different and better approach to my problem.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top