A Question on DNS and Access Restrictions

Discussion in 'Tomato Firmware' started by HexImaL, Sep 4, 2007.

  1. HexImaL

    HexImaL LI Guru Member

    Hi, guys,

    I am using Tomato 1.07 on a WRT54GL v1.1 router. I have a couple of problems.

    When I check "Use Internal Caching DNS Forwarder" only, the router assigns dns IP's to the clients in the router's range (i.e. 192.168.2.xxx), but I have no internet access.

    When I check "Use Received DNS With Static DNS" only, the router assigns the ISP's dns servers to the clients, and everything is ok.

    When I check both, the router, again, assignes IP's in the range 192.168.2.xxx and there is no internet access, as the dns server is not working.

    How can I make the router "hide" the ISP's dns servers, by assigning working dns addresses, of the type "192.168.2.xxx"?

    Also, access restrictions don't seem to work, but I suppose that may be related to me deselecting "Use Internal Caching DNS Forwarder"?
  2. srouquette

    srouquette Network Guru Member

    in "Basic" > "Network", you can specify static DNS (like opendns.com)
    in "Advanced" > "DHCP / DNS", if you check "use internal caching", your router will use the DNS it received from your ISP or from your static DNS. And your computer's DNS will be your router, the router will cache the requests.
    If you check "use received DNS", you router will use the DNS from your ISP, and then the static DNS. If you want to use static DNS first, add "strict-order" (without the quotes) in Dnsmasq custom configuration.

    I'm using opendns and I checked both boxes, but "use received DNS" isn't mandatory.
  3. HexImaL

    HexImaL LI Guru Member

    Great info on the opendns.com service, thank you, I am using it right now. But I am still having problems when selecting "use internal caching". After rebooting the router, the dns caching doesn't work. Any ideas why?

    Also, if I deselect "internal caching", the access restrictions don't work, which is a problem for my set up.
  4. srouquette

    srouquette Network Guru Member

    do you use DHCP ?
    your NIC should be automatically configured with an IP and DNS servers (and with "internal caching" your DNS server should be your router address)
  5. HexImaL

    HexImaL LI Guru Member

    Yes, DHCP is enabled and the LAN clients get the router dns address (192.168.2.xxx), but then there's no name resolving on the LAN clients. If I disable the dns caching, the LAN clients get the ISP's (now the opendns's) dns server ip's and name resolving works (web pages open).

    Any ideas what might be wrong?

    Just found this topic here, seems to describe the same problem. I am using PPPoE, could this be the reason? They seem to be using a very old Tomato version, though.
  6. HexImaL

    HexImaL LI Guru Member

    Bump. Any tips on how to solve this problem?
  7. srouquette

    srouquette Network Guru Member

    sorry, I don't know what happen to your router, I don't use PPPoE.
  8. HexImaL

    HexImaL LI Guru Member

    I was hoping that someone else could be of help, as well. You've certainly helped me with your suggestions :)

    I just can't seem to make the "internal dns caching" to work. I wonder if it is a PPPoE specific problem, since some users already reported it in Tomato 1.00.
  9. HexImaL

    HexImaL LI Guru Member

    A quick update - Jon was really helpful with my problem, and explained that access restriction didn't work, because the router couldn't resolve the time server's ip address. After directly entering the ip of the time server, the router set its time and the access restrictions worked perfectly.

    Still no success with the dns servers, with "dns caching" on, but that's not such a big problem for my setup. It's either a PPPoE and DNS problem, or related to my ISP's restrictions.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice