DNS Forwarding not working

I am using OpenWrt Designated Driver 50061
My problem is quite simple. I HAVE to set external DNS for my network to work, since my DNSMasq will only resolve local IPs and refuse to forward requests to the configured DNS forwarders.

So if I do "nslookup google.com 192.168.1.1" it fails with

*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for google.com
Server:  xxxxx.xxxxx.xxxxx
Address:  192.168.1.1

But doing it to 1.1.1.1 or 8.8.8.8 succeeds

The router also has this set up
:# cat /tmp/resolv.conf.auto

# Interface wan
nameserver 10.1.2.216
# Interface wan2
nameserver 10.213 5.15
nameserver 10.213.2.12

Yet resolv.conf points to 127.0.0.1 and it never gets forwarded.
Main page of DNS settings: http://prntscr.com/le2c2f

I have no clue what I am doing wrong.

@openwrt-router:

uci show dhcp
netstat -lnp | grep dnsmasq
nslookup example.org 8.8.8.8
nslookup example.org 127.0.0.1
nslookup example.org $(uci get network.lan.ipaddr)

It works sometimes locally, sometimes it does not. Right now it is working locally from the OpenWrt, but any PC in the network that tries to do a lookup vs the router will not get an address; it does send a response, an empty response.

root@openwrt:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].server='1.1.1.1' '8.8.8.8' '209.244.0.3'
dhcp.@dnsmasq[0].nonegcache='1'
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='0'
dhcp.@dnsmasq[0].nonwildcard='1'
dhcp.@dnsmasq[0].interface='br-lan'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.force='1'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      20072/dnsmasq
tcp        0      0 192.168.1.1:53          0.0.0.0:*               LISTEN      20072/dnsmasq
tcp        0      0 ::1:53                  :::*                    LISTEN      20072/dnsmasq
tcp        0      0 fdea:3879:67d8::1:53    :::*                    LISTEN      20072/dnsmasq
tcp        0      0 fe80::56b8:aff:fea6:3f0c:53 :::*                    LISTEN      20072/dnsmasq
udp        0      0 127.0.0.1:53            0.0.0.0:*                           20072/dnsmasq
udp        0      0 192.168.1.1:53          0.0.0.0:*                           20072/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           20072/dnsmasq
udp        0      0 ::1:53                  :::*                                20072/dnsmasq
udp        0      0 fdea:3879:67d8::1:53    :::*                                20072/dnsmasq
udp        0      0 fe80::56b8:aff:fea6:3f0c:53 :::*                                20072/dnsmasq

nslookups

root@openwrt:~# nslookup openwrt.org 8.8.8.8
Server:    8.8.8.8
Address 1: 8.8.8.8

Name:      openwrt.org
Address 1: 10.1.2.216
root@openwrt:~# nslookup openwrt.org 127.0.0.1
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      openwrt.org
Address 1: 10.1.2.216
root@openwrt:~# nslookup openwrt.org $(uci get network.lan.ipaddr)
Server:    192.168.1.1
Address 1: 192.168.1.1

Name:      openwrt.org
Address 1: 10.1.2.216

So, why is it working locally but not remotely? I have to bypass the DNS servers so as to not use the local one, or I would have no resolver.
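
An added example, not part of any post in this thread: a shell sketch that reads `rebind_protection` and `rebind_localhost` from the `uci show dhcp` output above and reports whether an upstream answer address falls in a range that dnsmasq's rebind protection (`--stop-dns-rebind`) rejects. The function names are hypothetical, the embedded config lines are copied from the post, and only the RFC 1918 and loopback ranges are modelled.

```shell
#!/bin/sh
# Lines copied from the `uci show dhcp` output posted above.
UCI_DHCP="dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].localservice='1'"

# uci_opt NAME: print dhcp.@dnsmasq[0].NAME from $UCI_DHCP (empty if absent).
# Hypothetical helper; it reads only the dump and does not model defaults.
uci_opt() {
    printf '%s\n' "$UCI_DHCP" |
        sed -n "s/^dhcp\.@dnsmasq\[0\]\.$1='\(.*\)'\$/\1/p"
}

# addr_class IP: classify an IPv4 address. Only RFC 1918 and loopback are
# modelled here; dnsmasq's own list of rejected ranges may be longer.
addr_class() {
    case "$1" in
        10.*|192.168.*) echo rfc1918 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo rfc1918 ;;
        127.*) echo loopback ;;
        *) echo other ;;
    esac
}

# rebind_verdict IP: "rejected" if an upstream answer carrying IP would be
# refused by --stop-dns-rebind under the dumped config, else "accepted".
rebind_verdict() {
    [ "$(uci_opt rebind_protection)" = "1" ] || { echo accepted; return; }
    case "$(addr_class "$1")" in
        rfc1918) echo rejected ;;
        loopback)
            # rebind_localhost='1' maps to --rebind-localhost-ok
            if [ "$(uci_opt rebind_localhost)" = "1" ]; then
                echo accepted
            else
                echo rejected
            fi ;;
        *) echo accepted ;;
    esac
}

# 10.1.2.216 is the address the nslookup runs above returned for openwrt.org.
for ip in 10.1.2.216 127.0.0.1 8.8.8.8; do
    printf '%s -> %s\n' "$ip" "$(rebind_verdict "$ip")"
done
```

When dnsmasq rejects an answer this way it logs a "possible DNS-rebind attack detected" message, so `logread | grep -i rebind` on the router shows whether that filter fired.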

Probably some flaw in firewall configuration.
It might also be OpenVPN with option block-outside-dns.

Workaround:

uci add_list dhcp.lan.dhcp_option='6,8.8.8.8,8.8.4.4'
uci commit dhcp
service dnsmasq restart

That is what I did, I forced it with DHCP option 6, but that effectively disables all local name resolving, say, I can't resolve ANY local computer by name.

And I monitored the network with Wireshark. It turns out it does respond, with an empty response, saying there is no address. So, why would dnsmasq reply if it did not do anything? What is going on? -_-

Is that true for any domain name or some specific?

Hi, to try and rule out a bug you might want to update, as the build you are running is a bit old. 18.06.1 is the stable build. https://downloads.openwrt.org/releases/18.06.1/targets/

Sadly I usually use the image builder, and the latest image builder is broken for the DIR 860L, wifi does not work. According to this [Solved with using a different build] Dlink Dir-860L @OpenWRT 18.06 troubleshooting Wifi I am gonna try the r6796 build for that one. :frowning:

I will try to use the image builder in the 18.06.1 folder and see if it works. :slight_smile: