Fast switch from primary DNS to another

real_root · April 20, 2019, 12:11pm

Hi guru!
I have 2 uplink connections through 2 different providers.
Provider 1 uses private DNS zone .gpn (i.e forum.gpn) to provide access to the city portal.
To resolve .gpn hosts, I use the primary dns from the 1st provider for all DNS queries.

All works fine. Still, sometimes the 1st provider's uplink is down. At the same moment, all DNS queries for internet sites are lost. When I run nslookup mail.ru, the 1st provider's DNS responses 'server can't find mail.ru: NXDOMAIN'. In this case, the internet is down. In order to solve this situation, I need to replace the primary DNS to 2nd provider's DNS (routing settings are already up).

HOW CAN I DO THAT?
What I do to solve this:
In '/etc/config/dhcp' I add option 'allservers '1''. In this case .gpn hosts sometimes is not resolved when faster DNS - provider 2's DNS. Another case is when the 1st provider's uplink is down, and provider 1's DNS work very fast, I receive the response: 'server can't find DOMAIN' for all domains.

P.S> All connections are pppoe and have static DNS servers (DNS servers are the same, day by day).

P.S.S> The best way - have settings same as 'allservers '1', but if response from faster DNS srv is 'server can't find', then waiting response from other dns

P.S.S.S.> I really must use the allservers '1', because sometimes on weekends the DNS of provider 1 is slow (sometimes the provider 2's is slow).

mikma · April 20, 2019, 12:19pm

I would configure reliable dns servers as primary, secondary, ternary etc dns servers. And then add DNS forwarding for the domains (such as .gpn) that can't be resolved through those servers.

real_root · April 20, 2019, 12:29pm

Thanks for you reply.
In my country (Uzbekistan) not placed reliable dns servers. Google and Open VPN have big ping - 100 ms and above. So i use dns servers from my providers.

How can I do that?

vgaetera · April 20, 2019, 12:45pm

real_root · April 20, 2019, 5:43pm

Thanks. It's works.
I'll try to use it with "allservers '1'" and "list server 'providers_dns1 providers_dns2 8.8.8.8'" options . We'll see what happens when 1st provider's uplink is down.

vgaetera · April 20, 2019, 5:59pm

The correct syntax is multiple list entries, one IP address per entry.

real_root · April 20, 2019, 7:14pm

I know that.

And one more question about dnsmasq. I use gargoyle - that's openwrt fork.
In this fork when service dnsmasq starting, it creates temorary config file /tmp/etc/dnsmasq.conf.cfgxxxxx. I think in original openwrt it works the same way. I opened config /tmp/etc/dnsmasq.conf.cfgxxxxx and didn't see string 'all-servers'. To fix it I replaced string in /etc/init.d/dnsmasq:

append_bool "$cfg" allservers "--all-servers"
to
append_bool "$cfg" allservers "--all-servers" 1

After this patch and restart dnsmasq service, the string 'all-servers' appeared in /tmp/etc/dnsmasq.conf.cfgxxxxx.

vgaetera · April 20, 2019, 7:45pm

Works for me by default:

# opkg list-installed dnsmasq
dnsmasq - 2.80-1.4
# grep all-*servers /etc/init.d/dnsmasq 
	append_bool "$cfg" allservers "--all-servers"
# uci get dhcp.@dnsmasq[0].allservers
uci: Entry not found
# uci set dhcp.@dnsmasq[0].allservers="1"
# uci get dhcp.@dnsmasq[0].allservers
1
# service dnsmasq restart
# grep -H all-*servers /var/etc/dnsmasq.conf.* 
/var/etc/dnsmasq.conf.cfg01411c:all-servers