DNS Service Forwarding functionality


#1

Could do with some help if possible.

I have a question / issue regarding the DNS service forwarding feature.

I am using a Balance 30 router running official 7.0.0 build 3310 firmware.
I have a specific DNS address configured in my WAN 1, which works as expected for all devices with an IP address from Peplink DHCP.
I have enabled DNS Service Forwarding.
I have set my DNS Resolver to be my WAN 1.

When I manually statically set my device’s DNS to 8.8.8.8 I was expecting the DNS Service Forwarding feature to intercept my device’s DNS requests and forward them to the DNS configured in my WAN 1. However, that doesn’t happen; the static DNS on my device continues out via 8.8.8.8.

Have I misunderstood the functionality or have I missed something in the configuration?

Any advice would be appreciated.

Many thanks

Noel


#2

Silly question for you. You have enabled DNS proxy and DNS caching in the LAN settings? Make sure “include google public DNS” is unchecked. Then on the service forwarding, make sure that you have enabled the DNS forwarding option to capture outbound DNS requests. I believe that combination will keep traffic from going to Google public DNS.

Hope that helps


#3

Thanks for your reply

DNS proxy in the main “Network” page is enabled, Google’s public DNS is also un-checked. DNS forwarding in “Service Forwarding” options is selected also but still no joy.

I haven’t enabled DNS caching though. I can try that but my understanding is that that will only improve speed of DNS resolve as it will cache previous DNS results. No harm in selecting though I guess.

Noel


#4

Pretty sure that DNS forwarding will only work if you have it set to cache DNS. No sense intercepting a DNS request if you have to make a DNS request 100% of the time to fill the request. I have had no issues with my DNS caching.

I just checked the wording of the DNS forwarder and mine says that it will intercept the requests and forward them to the local DNS proxy. I assume that local DNS proxy means local DNS caching server (Peplink DNS cache).

Good luck buddy. You can also set up an outbound firewall rule to block DNS. That will ensure that no DNS requests leave your LAN (except from the Peplink itself).