DNS Override by ISP

[mail3dexter]

Hello,

I am using ASUS RT-N16 router and AsusWRT Merlin Firmware 378.50 on it.

I couldnt find any options on Merlin firmware where I could override DNS provided by ISP.

Basically what I want is, the DNS sent by DHCP on LAN should be the one's provided by ISP, and if in case my ISP link/DHCP/PPPoE is down, there should'nt be any DNS sent to LAN DHCP clients.

 

[ColinTaylor]

I don't understand what it is that you're trying to achieve when you say that "there shouldn't be any DNS sent to LAN DHCP clients".

However, I expect that the default settings would be sufficient.

Go to LAN > DHCP Server > DNS and WINS Server Setting and make sure that DNS Server 1 and 2 are blank. That way your LAN clients will use the router as their DNS server irrespective of whether your WAN is functioning.

Go to WAN >Internet Connection > WAN DNS Setting and set Connect to DNS Server automatically to Yes.

Go to WAN > Internet Connection > Basic Config and set Redirect to error page to Never.

In this scenario clients on your LAN can resolve each others names even when you WAN is down, whilst any DNS requests for hosts not on your LAN are forwarded to you ISP as normal.

 

[mail3dexter]

Let me make it more clear to you.

DHCP clients on LAN should only receive DNS servers provider by PPPoE server by ISP. Clients should not get DNS as local router.

The thing i am trying to achieve is, this way when my internet connection is down, my DHCP clients such as iPhone wont receive any DNS server and it will think the internet is down.

If it receives DNS as local router, it stays connected to router and doesnt get any notifications and other stuffs. I know it has mechanism to check whether WiFi is really having internet but it doesnt work all the time.

So, in simple words, If internet connection is up, DHCP should sent DNS servers received by ISP and if internet is down, it should not send any DNS server to DHCP clients.

 

[ColinTaylor]

I don't think it's possible to do what you want. The router uses dnsmasq as its DHCP server.

http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

By default, dnsmasq sends some standard options to DHCP clients, the netmask and broadcast address are set to the same as the host running dnsmasq, and the DNS server and default route are set to the address of the machine running dnsmasq.

You can change the value(s) of the DNS server, but as far as I can see you can't remove it.

 

[mail3dexter]

This was working for me without any prob extra config when I was using TomatoUSB. I had moved to AsusWRT Merlin few weeks back and I'm trying to make it as it was working in TomatoUSB.

http://s9.postimg.org/ngjujvy8f/tomato_4.png

 

[john9527]

Starting with Merlin 378.52 there is an option under LAN -> DHCP Servers

Advertise router's IP in addition to
user-specified DNS

set it to No

(Also picked up in my fork around the same time as Merlin's release)

 

[mail3dexter]

Dont have that option in 3.0.0.4.378.50_0. Cant upgrade as I am using ASUS RT-N16 and this is the latest firmware supported.

 

[john9527]

You can try making a dnsmasq.postconf script in /jffs/scripts (but you will have to manually supply the dns ip's you want used, dns1ip and dns2ip)

#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh
 
pc_insert "dhcp-authoritative" "dhcp-option=lan,6,dns1ip,dns2ip" $CONFIG
 
exit

 

[mail3dexter]

You can try making a dnsmasq.postconf script in /jffs/scripts (but you will have to manually supply the dns ip's you want used, dns1ip and dns2ip)

#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

pc_insert "dhcp-authoritative" "dhcp-option=lan,6,dns1ip,dns2ip" $CONFIG

exit

But will not stop sending DNS servers when my WAN will go down ?

 

[john9527]

I think you have a misunderstanding of how DHCP works....AFAIK the DNS servers are sent once, when the client requests a lease. Then they are set until the lease expires or the client requests a new lease.

 

[mail3dexter]

I think you have a misunderstanding of how DHCP works....AFAIK the DNS servers are sent once, when the client requests a lease. Then they are set until the lease expires or the client requests a new lease.

I know how DHCP works but for your kind info, my DHCP client i.e. iPhone's WiFi goes to sleep when locked and when awaking it, it check again with DHCP server.

 

[john9527]

OK....so when it wakes it requests a new lease as I said. With the postconf I sent it will always be supplied the dns servers you specify.

EDIT: The other option for you might be to use Parental Controls -> DNSFilter and you can specify the DNS Servers to be used by specific clients.

 

[mail3dexter]

OK....so when it wakes it requests a new lease as I said. With the postconf I sent it will always be supplied the dns servers you specify.

EDIT: The other option for you might be to use Parental Controls -> DNSFilter and you can specify the DNS Servers to be used by specific clients.

Thank you very much for your information John however it will not satisfy my criteria.

It is simple,
When WAN is down:
Will not send any DNS server to clients

When WAN is up:
Will send DNS server provided by ISP's only (local router not included)

 

[john9527]

Then sorry, I don't know how to do that. And I'm probably missing something....but I'm still not sure of the problem you are trying to solve. If the WAN is down, DNS requests will time out and fail. What will not supplying a DNS accomplish?

 

[mail3dexter]

Then sorry, I don't know how to do that. And I'm probably missing something....but I'm still not sure of the problem you are trying to solve. If the WAN is down, DNS requests will time out and fail. What will not supplying a DNS accomplish?

The thing is for e.g. my iPhone stays connected to WiFi network if it gets all parameters including DNS server even though my WAN is down. This way it doesnt receives any emails / messages / notifications as it considers that internet is up but its not. There is a mechanism in Apple devices wherein they check whether internet is really up by opening an apple website link but it doesnt works all the time. I want to solve this. This is working as expected without any additional config in TomatoUSB.

 

[ColinTaylor]

There is a mechanism in Apple devices wherein they check whether internet is really up by opening an apple website link but it doesnt works all the time. I want to solve this. This is working as expected without any additional config in TomatoUSB.

Then I think the solution is to understand this mechanism and why it isn't working. Trying to remove the DNS fields from a DHCP reply doesn't seem to be a good solution, you might just as well disable the entire DNS/DHCP server until your WAN becomes available again.

Have you tried setting "WAN > Internet Connection > Basic Config > Redirect to error page" to "Never". If your iPhone is just checking for a web page response it might be as simple as that.

 

[john9527]

The option Colin refers to got moved in the later Merlin levels.....I think it's now under Administration...