Two DNS server questions


#1

Using a Surf SOHO with firmware 6.3.1.

**Question 1:**
For DHCP users, the router is giving out OpenDNS DNS servers: 208.67.222.222 and 208.67.220.220. Yet, computers using DHCP do not report the OpenDNS servers, they report that the IP address of the router is being used for DNS. **Why?** This is not a problem, assorted online tests confirm that OpenDNS is indeed being used, just a question as to why clients see the router IP address as their DNS server.

Note that DNS forwarding (Advanced -> Service Forwarding) is NOT enabled. Seems like that might have explained things.

Update: Some additional checking shows that I do have DNS Proxy (Network -> Network settings) enabled. Does that explain things?

**Question 2:**

I have noticed that some LAN devices using DHCP are not using OpenDNS for DNS. I have determined that they, at times, use Google’s DNS servers (8.8.8.8 and/or 8.8.4.4). Would DNS forwarding prevent this? Would it force *all* devices using DHCP to use the DNS servers I configured in the router (for OpenDNS)?

Thank you.


#2

Here are the answers to your questions:

  1. I was not able to re-create the issue, so let’s look at this closer, starting with a default configuration. The SOHO assigns itself as the DNS server and acts as the DNS proxy. It uses what is configured on the WANs for resolving DNS requests. To assign OpenDNS servers to the DHCP clients, uncheck “Assign DNS server automatically” in the DHCP server settings and fill in the fields with OpenDNS servers. After a new DHCP lease, the LAN client will show the OpenDNS servers and you will see DNS requests go out as active sessions under Status > Active Sessions. Is it possible a new DHCP lease was needed after making the change?

  2. The DNS proxy is enabled by default and the SOHO resolves DNS for LAN clients. It will not get used, however, if LAN clients are assigned OpenDNS instead (even if the DNS proxy is still enabled). DNS forwarding, on the other hand, is not enabled by default. To enable this feature, the DNS proxy must be enabled first. The SOHO will then intercept all DNS requests regardless of what the clients have for DNS settings and resolve DNS requests using the DNS servers on its WAN connection.

I hope this information helps for clarification.


#3

Thanks, Ron.

How does Peplink define “all DNS requests”? Is it UDP to port 53 or both UDP and TCP to port 53? I ask because I have seen devices use TCP on port 53 for DNS.

Also, the manual (section 19.8.3 DNS Forwarding) does not mention that DNS Proxy has to be enabled as a pre-req for DNS forwarding.

Michael


#4

Hi Michael,

Peplink uses only UDP port 53 for resolving DNS requests. Good catch on the user manual; a warning message does appear on the GUI, however.


Ron
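
An added example, not part of the thread or of Peplink's software: a small audit that reads a session export and lists LAN clients whose port-53 sessions are addressed to a resolver other than the router or the two OpenDNS servers, reporting UDP and TCP separately. The CSV layout, the router address 192.168.50.1 and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Resolvers named in the thread as configured on the router (OpenDNS).
APPROVED = {"208.67.222.222", "208.67.220.220"}
ROUTER_IP = "192.168.50.1"  # assumption: LAN address of the router acting as DNS proxy

# Constructed sample export; the column layout is hypothetical and is not
# the Surf SOHO's actual Active Sessions format.
SAMPLE = """proto,src,dst,dport
udp,192.168.50.10,192.168.50.1,53
udp,192.168.50.11,208.67.222.222,53
udp,192.168.50.12,8.8.8.8,53
tcp,192.168.50.12,8.8.4.4,53
tcp,192.168.50.13,208.67.220.220,53
tcp,192.168.50.14,8.8.8.8,443
udp,192.168.50.12,8.8.8.8,53
"""

def audit_dns_sessions(text, approved=APPROVED, router_ip=ROUTER_IP):
    """Return {client: sorted [(proto, resolver), ...]} for port-53 sessions
    addressed to anything other than the router or the approved resolvers."""
    allowed = set(approved) | {router_ip}
    findings = defaultdict(set)
    for row in csv.DictReader(io.StringIO(text)):
        proto = row["proto"].strip().lower()
        if proto not in ("udp", "tcp") or row["dport"].strip() != "53":
            continue  # only classic DNS on port 53 is in scope here
        dst = row["dst"].strip()
        if dst not in allowed:
            findings[row["src"].strip()].add((proto, dst))  # set drops duplicates
    return {src: sorted(pairs) for src, pairs in findings.items()}

def tcp_bypass_clients(findings):
    """Clients with at least one unapproved resolver reached over TCP/53,
    the transport asked about in the thread."""
    return sorted(src for src, pairs in findings.items()
                  if any(proto == "tcp" for proto, _ in pairs))

if __name__ == "__main__":
    result = audit_dns_sessions(SAMPLE)
    for src, pairs in result.items():
        for proto, dst in pairs:
            print(f"{src} -> {dst} {proto}/53 (not a configured resolver)")
    print("TCP/53 to unapproved resolvers:", tcp_bypass_clients(result))
```

Clients listed by `tcp_bypass_clients` are the ones to check first when only UDP port 53 is being handled by the router.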