dnsmasq - alternative query Port

Discussion in 'Tomato Firmware' started by Bukkit, Oct 15, 2009.

  1. Bukkit

    Bukkit Addicted to LI Member

    Because of DNS-Server censoring in different country i though about using another DNS-Server as the one from my ISP.

    I read that some servers offer different Listen Ports (110) https://www.awxcnx.de/handbuch_21g.htm (german) to avoid blocking/intercetions on UDP Port 53 (like germans Vodafone does at their UMTS-Network).

    Now i'm technically interested if it possible to do this with tomato. The dnsmasq man page http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html offers query-port=<query_port>, but also notes:
    "NOTE that using this option will make dnsmasq less secure against DNS spoofing attacks but it may be faster and use less resources."
    My first question: why less secure?

    Does somebody already have used this setting?

    My other Question, and that points to the Mod TomatoVPN, is: Could i use a DNS Server which is running on my dedicated server where i'm connected via VPN the most time?
    i would need to set the vpn ip of the server at Basic -> Network 'Static DNS' or?
    this would route DNS request (could be udp port 53) though the vpn to my dedicated server and also passes dns blocking/interception from my ISP.
     
  2. ntest7

    ntest7 Network Guru Member

    The query_port option sets the source port (which is random for security), not the destination port.

    The option you want is
    server=87.118.100.175#110
     
  3. Bukkit

    Bukkit Addicted to LI Member

    you are right

    i decided to use this at my Dnsmasq Custom Configuration:
    Code:
    no-resolv
    server=85.25.149.144#110
    server=62.141.58.13#110
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice