DNS rebind attack error in log


I have a Windows domain network in my home. All clients point to the domain controller for DNS. That DNS server forwards to my ISP DNS servers as forwarders. Setup works great. I do NOT use my router for DNS resolution.

I've noticed in my LEDE System log (WRT1900ACv1 router running a Davidc502 release), the following warning:

daemon.warn dnsmasq[9724]: possible DNS-rebind attack detected: win2k8.xxx.xxx

Win2k8 is the name of my internal server and this warning occurs every 10 seconds.

Is there a configuration change I can make in LEDE to prevent this warning from occurring?


uci add_list dhcp.@dnsmasq[-1].rebind_domain=win2k8.xxx.xxx; uci commit; /etc/init.d/dnsmasq restart

Thank you! I assume this puts my server in some sort of "white list"?

Precisely. But in the setup you've described I'm surprised this comes up in the logs at all.
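
A check to run before whitelisting, as an added example that is not part of the original thread: it tallies the dnsmasq rebind warnings per name and marks any name that falls outside the internal domain, so only names you own end up in rebind_domain. The function names, the home.example suffix and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Names and sample data are constructed.

# rebind_summary SUFFIX: reads syslog lines on stdin and prints
# "<count> <name> <internal|EXTERNAL>" per warned name, sorted by name.
# A name is "internal" only if it equals SUFFIX or ends in ".SUFFIX".
rebind_summary() {
    awk -v suffix="$1" '
        /dnsmasq\[[0-9]+\]: possible DNS-rebind attack detected: / {
            name = tolower($NF)      # DNS names are case-insensitive
            sub(/\.$/, "", name)     # drop a trailing root dot if present
            count[name]++
        }
        END {
            sl = length(suffix)
            for (n in count) {
                nl = length(n)
                tag = "EXTERNAL"
                if (n == suffix || (nl > sl && substr(n, nl - sl) == "." suffix))
                    tag = "internal"
                print count[n], n, tag
            }
        }' | sort -k2
}

# Constructed sample lines in the format shown in the question.
sample_log() {
    cat <<'EOF'
Mon Jan  1 12:00:00 2018 daemon.warn dnsmasq[9724]: possible DNS-rebind attack detected: win2k8.home.example
Mon Jan  1 12:00:05 2018 daemon.info dnsmasq-dhcp[9724]: DHCPACK(br-lan) 192.168.1.20 laptop
Mon Jan  1 12:00:10 2018 daemon.warn dnsmasq[9724]: possible DNS-rebind attack detected: WIN2K8.home.example
Mon Jan  1 12:00:12 2018 daemon.warn dnsmasq[9724]: possible DNS-rebind attack detected: cdn.other.example
Mon Jan  1 12:00:20 2018 daemon.warn dnsmasq[9724]: possible DNS-rebind attack detected: win2k8.home.example
EOF
}

# Demo on the constructed sample; on the router, pipe logread in instead.
sample_log | rebind_summary home.example
```

Names marked EXTERNAL are public names answering with private addresses, which is the case the rebind protection exists to block, so they should stay off the whitelist.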