DNS hijacking tutorial page question

I have question about the DNS hijacking page located here . At the end it describes DNS redirection

It only says how to redirect to only one server, Is it possible to redirect to more than one because I run my DNS server locally and have two.

Here is the code

# Configure firewall
uci set firewall.dns_int.name="Redirect-DNS"
uci set firewall.dns_int.src_ip="!"
uci set firewall.dns_int.dest_ip=""
uci -q delete firewall.dns_masq
uci set firewall.dns_masq="nat"
uci set firewall.dns_masq.name="Masquerade-DNS"
uci set firewall.dns_masq.src="lan"
uci set firewall.dns_masq.dest_ip=""
uci set firewall.dns_masq.dest_port="53"
uci set firewall.dns_masq.proto="tcp udp"
uci set firewall.dns_masq.target="MASQUERADE"
uci commit firewall
/etc/init.d/firewall restart

Any help would be appreciated

No, that would require a load balancer.

But if you have two, the primary is usually the one getting most of the traffic, so I'd send the intercepted DNS calls to the secondary.


I thought it might be something easy like,

My servers are not on dedicated machines they run on HyperV one is on my main desktop and the other is on what I call my media center and the odds of one going down is fairly good.

Thanks for your reply.

problem is if you have one target IP, and two redirection IPs, the system won't know where to send the traffic.

it needs to be a 1:1 relation.

you can always set up a pihole with some cloud provider, and point all DNS calls there, that's what I've done.

1 Like

You can use DNS forwarding for load balancing.