Can't get DNS redirect to work

Hello,

I'm very new to OpenWRT (actually started today) and still quite a starter when it comes to Networking, but I ran across an issue.

I'm trying to redirect users of my network from domain 'lorikku.be' to another website. I found a thread on the old archived forum about this: https://forum.archive.openwrt.org/viewtopic.php?id=36875

I was supposed to add domain to my dhcp conf and then specify the name of the domain and its ip, like this:

config domain
	option name 'www.lorikku.be'
	option ip '176.62.170.69'

But when I surf to that website (lorikku.be), I don't get to see the content from the other site (176.62.170.69)

I also tried via the DNS Forwardings section but that doesn't work either.

Thanks for the help in advance!

What is the output of:

uci show network; uci show dhcp; ls -l /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*

Are the hosts using OpenWrt as a nameserver, or have they configured different ones? (like OpenDNS, GoogleDNS, etc.)
Also did you restart dnsmasq to apply the changes?

Edit: I tried it on my setup and it just works.

Hello, thanks for your reply!

I don't know what nameservers are, I guess it has something to do with the DNS?

This is what the output is of your code:

network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fd4f:90f5:440c::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0.1'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.wan=interface
network.wan.ifname='eth1'
network.wan.proto='dhcp'
network.wan6=interface
network.wan6.ifname='eth1'
network.wan6.proto='dhcpv6'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='1 2 3 4 0t'
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].nonwildcard='1'
dhcp.@dnsmasq[0].localservice='1'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
dhcp.@domain[0]=domain
dhcp.@domain[0].name='www.lorikku.be'
dhcp.@domain[0].ip='176.62.170.69'
lrwxrwxrwx    1 root     root            16 Jan 29 16:06 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r--    1 root     root            32 Feb  6 17:36 /tmp/resolv.conf
-rw-r--r--    1 root     root           175 Feb  6 17:07 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1

==> /tmp/resolv.conf.auto <==
# Interface wan
nameserver 195.130.131.5
nameserver 195.130.130.5
search home
# Interface wan6
nameserver 2a02:1800:100::45:1
nameserver 2a02:1800:100::45:2
search telenet.be

Edit: Yes I have restarted the router.

@lorikku, welcome to the community!

Then you should add lorikku.be also.

Hi, thanks for the warm welcome! 🙂

Just did that, sadly still not working 🙁

😮

That fast?

  • Did you /etc/init.d/dnsmasq restart or reboot?
  • Did you clear the DNS cache on your client used to test?

I rebooted and tested, how do I clear the DNS cache?

Edit: I cleared the DNS cache, still the same.

Please provide the output of the following commands -

From the OpenWrt:

nslookup lorikku.be
nslookup www.lorikku.be

From the client:

nslookup lorikku.be 192.168.1.1
nslookup www.lorikku.be 192.168.1.1

From the OpenWrt:

root@OpenWrt:~# nslookup lorikku.be
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:      lorikku.be
Address 1: 176.62.170.69
*** Can't find lorikku.be: No answer
=======================================
root@OpenWrt:~# nslookup www.lorikku.be
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:      www.lorikku.be
Address 1: 176.62.170.69
*** Can't find www.lorikku.be: No answer

From the client:

Loriks-MacBook-Pro:~ loriku$ nslookup lorikku.be 192.168.1.1
Server:		192.168.1.1
Address:	192.168.1.1#53

Name:	lorikku.be
Address: 176.62.170.69
================================================================
Loriks-MacBook-Pro:~ loriku$ nslookup www.lorikku.be 192.168.1.1
Server:		192.168.1.1
Address:	192.168.1.1#53

Name:	www.lorikku.be
Address: 176.62.170.69

1 Like

Ummmm...your devices resolve the lookups to your desired IP...can you explain your remaining issues, if any?

1 Like

Oh my god you're right, I'm just confused:

When you search lorikku.be, you get a 404 error (page not found)
When you search for that IP you also get the EXACT SAME error 404

So my conclusion was that nothing was happening, but it's just the page that is identical on both websites...
Sorry that I wasted your time, I have another question now though.

There is probably no way with DNS only, but if there is, how can I change the URL so it redirects to a whole different URL? Since the DNS only changes the domain, total URL manipulation is not possible, right?

DNS hostnames and URLs are on different levels of abstraction. For example, the DNS never sees anything after the first /. It would require altering URLs in packets, which is impossible with HTTPS.

This kinda config is usually done on the web server or web page. See:

1 Like

So if I wanted to actually change the URL, I would have to redirect the DNS to a website I made myself, and by using an automatic redirect on my website I could pretty much change the whole destination when someone tries to connect to 'lorikku.be'

I guess...it's hard to determine since you haven't explained what you're actually trying to accomplish or solve.

Since you mentioned a 404 error, I'm led to believe that you're trying to steer traffic to a web server you don't control, and is not configured to respond to 'lorikku.be'.

1 Like
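The layer split discussed in the posts above (DNS only picks the IP; the web server decides what to serve from the Host header), as an added example that is not part of the thread or anyone's post. It runs a constructed local server on 127.0.0.1; the site name `example.test` and the redirect target are assumptions for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample data: the one site this server hosts, and one name it redirects.
SITES = {"example.test": b"real site\n"}
REDIRECTS = {"lorikku.be": "https://example.test/landing?from=lorikku"}

class VHostHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        host = (self.headers.get("Host") or "").split(":")[0].lower()
        if host in REDIRECTS:   # a redirect is an HTTP response, so it can name a full URL
            self.send_response(301)
            self.send_header("Location", REDIRECTS[host])
            self.send_header("Content-Length", "0")
            self.end_headers()
        elif host in SITES:
            self.send_response(200)
            self.send_header("Content-Length", str(len(SITES[host])))
            self.end_headers()
            self.wfile.write(SITES[host])
        else:                   # bare IP, or a name this server has no site for
            self.send_error(404, "No such site")

    def log_message(self, *args):  # silence per-request logging
        pass

def fetch(port, host_header, path="/"):
    # TCP always goes to 127.0.0.1 (the part DNS decides); Host carries the typed name.
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path, headers={"Host": host_header})
    resp = conn.getresponse()
    resp.read()
    conn.close()
    return resp.status, resp.getheader("Location")

def demo():
    server = HTTPServer(("127.0.0.1", 0), VHostHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    cases = [("www.lorikku.be", "/"), ("127.0.0.1", "/"),
             ("example.test", "/"), ("lorikku.be", "/some/page")]
    try:
        return {host: fetch(port, host, path) for host, path in cases}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__": print(demo())
```

The unconfigured name and the bare IP both return 404 from the same server, which is the identical error page seen in the thread even though the DNS override was working.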

Your configuration is correct. If your hosts don't have a separate setting for NS (it is the same as DNS), then they are using OpenWrt as the resolver.
Make sure you have restarted the dnsmasq service and run the following on OpenWrt host www.lorikku.be and nslookup www.lorikku.be on the hosts.

1 Like

Exactly, but I already found a solution so don't worry about it. Thanks a lot for helping!

Yep seems to be working!

When you search lorikku.be, you get a 404 error (page not found)
When you search for that IP you also get the EXACT SAME error 404

So my conclusion was that nothing was happening, but it's just the page that is identical on both websites...

Sorry for wasting any time!

No worries, the email carrying my post arrived too late. It was supposed to be post #4, but now it looks out of order...

1 Like

Btw, I'm left with one more question.
How do I redirect ALL DNS requests to the same IP address?

Right now I'm trying to accomplish this by using iptables in the firewall rules:

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.114:80

So I'm trying to redirect everyone on the network to 192.168.1.114 on port 80, but it doesn't work.
Every time I try to access an HTTP site (including the OpenWrt LuCI interface), it just times out.

I've tried changing the ports from 80 to 443 for HTTPS, but that just results in HTTPS sites timing out.

Thanks a lot again!

You are redirecting the wrong port. DNS works on port 53.
https://openwrt.org/docs/guide-user/firewall/fw3_configurations/forced_dns_redirection
https://openwrt.org/docs/guide-user/services/dns/intercept

1 Like