
Nonexistent hosts are resolving to router

Discussion in 'Tomato Firmware' started by tobiasly, Jan 8, 2009.

  1. tobiasly

    tobiasly Addicted to LI Member

    I'm using latest firmware (1.23), upgraded from previous version (1.18 maybe?) although I'm not sure how long I've had this problem...

    I have "Use Internal Caching DNS Forwarder" checked with static DNS entries and "Use Received DNS With Static DNS" unchecked. It is mostly working; both public and internal hostnames get resolved correctly, but the problem is that all nonexistent hosts get resolved to my router's public IP address.

    So if I type "ping asdfasdf" from any computer on my LAN, then it will ping the router's public IP address. It's not just ping; if I also try telnet etc. then they all try to connect to the router instead of returning "unknown host". I've tried this on two different computers on my LAN, one Windows and the other Linux.

    If I type "dig asdfasdf" from a computer on the LAN, the router's DNS server correctly returns no result (i.e. the Authority section contains only a root nameserver and there is no Answer section).

    Any ideas what's going on here?
     
  2. rhester72

    rhester72 Network Guru Member

    Could be that your ISP is intercepting failed DNS calls and returning the "wrong" answer on purpose. Try a bare nslookup directly to your ISP's primary DNS IP and see what it returns - if that's the case, there's little you can do other than complain to the ISP and/or switch to OpenDNS.

    Rodney
     
  3. tobiasly

    tobiasly Addicted to LI Member

    Thanks for the suggestion Rodney, but I had already checked that; in fact I'm not using my ISP's DNS because they do exactly that. I'm instead using 4.2.2.1 and 4.2.2.2 which are the DNS servers that Verizon and others use and one of the very few that haven't resorted to DNS spamming.

    I really can't understand why everyone raves about OpenDNS since they do the exact same thing.
     
  4. rhester72

    rhester72 Network Guru Member

    It's actually very, very easy to disable (or customize) that behavior in OpenDNS. I'm quite a fan myself.

    Rodney
     
  5. tobiasly

    tobiasly Addicted to LI Member

    Really?? I had looked at them before and set up an account but I thought you had to pay for an upgraded account to remove the fake results. So if you query them for a nonexistent host you get an honest-to-goodness NXDOMAIN on a free account?

    I'm wondering if my problem is due to the upgrade, I'll probably try wiping flash and re-applying my config if no one else has any suggestions...
     
  6. rhester72

    rhester72 Network Guru Member

    Code:
    cerberus:/etc# nslookup doesntexistblah.net 208.67.222.222
    Server:    208.67.222.222
    Address 1: 208.67.222.222 resolver1.opendns.com
    
    nslookup: can't resolve 'doesntexistblah.net'

    I'd go with yes. =)

    Rodney
     
  7. NickJH

    NickJH LI Guru Member

    OpenDNS only works like that if you register an account with them then change the default settings advanced options - I think it is the "Enable OpenDNS proxy" option which you need to disable.
     
  8. tobiasly

    tobiasly Addicted to LI Member

    Thanks for the info on OpenDNS guys, I think I'll give them another try.

    As for the problem with my router, it's my own stupid fault. I have a personal domain name and use a subdomain on it for all hosts on my LAN, such as host.my.domain.com. So I just realized that I created a wildcard DNS entry on that subdomain a while back for testing (my DNS server is on a separate VPS I rent so I forgot about it), and since my resolv.conf listed my.domain.com then any host it couldn't find got resolved under that subdomain.
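
The cause described in the last post, modelled offline as an added example that is not part of the thread: a stub resolver appends the resolv.conf search domain, and a wildcard record under that domain answers for every unknown name, while dig (which skips the search list by default) still sees no answer. The zone contents, IP addresses and function names are constructed for illustration.

```python
import secrets

# Constructed records; 203.0.113.10 stands in for the router's public IP.
ZONE = {
    "host.my.domain.com": "192.168.1.20",
    "*.my.domain.com": "203.0.113.10",  # the forgotten wildcard entry
    "example.org": "198.51.100.7",
}

def lookup(fqdn, zone):
    """Exact or wildcard match (simplified vs. RFC 4592); None = NXDOMAIN."""
    fqdn = fqdn.rstrip(".").lower()
    if fqdn in zone:
        return zone[fqdn]
    labels = fqdn.split(".")
    for i in range(1, len(labels)):
        hit = zone.get("*." + ".".join(labels[i:]))
        if hit:
            return hit
    return None

def candidates(name, search, ndots=1):
    """Names a glibc-style stub resolver tries, in order."""
    if name.endswith("."):
        return [name.rstrip(".")]  # rooted name: search list is skipped
    expanded = [f"{name}.{d}" for d in search]
    if name.count(".") >= ndots:
        return [name] + expanded
    return expanded + [name]

def resolve(name, search, zone, use_search=True):
    """use_search=False mimics dig, which skips the search list by default."""
    tries = candidates(name, search) if use_search else [name.rstrip(".")]
    for fqdn in tries:
        ip = lookup(fqdn, zone)
        if ip:
            return fqdn, ip
    return None, None

def wildcard_search_domains(search, zone):
    """Probe a random label under each search domain; an answer means wildcard."""
    return [d for d in search if lookup(f"{secrets.token_hex(8)}.{d}", zone)]

if __name__ == "__main__":
    search = ["my.domain.com"]  # the resolv.conf search entry from the thread
    print(resolve("asdfasdf", search, ZONE))                    # like ping
    print(resolve("asdfasdf", search, ZONE, use_search=False))  # like dig
    print(wildcard_search_domains(search, ZONE))
```

Against a live resolver the same check is a lookup of a random label under each search domain; any answer other than NXDOMAIN points to a wildcard.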
     
