Make lan to use dns of wan

I want to configure DNS for a wan interface, and I might be having multiple wans.
When DNS is not configured for a lan interface, only the DNS of the wan which is used for outgoing lookup queries should get used.
I tried with the below configurations.

/etc/config/network

config interface 'lan_lan01'
    option  type  'bridge'
    option  dname  'lan01'
    option  force_link  '1'
    option  disabled  '0'
    option  proto  'static'
    option  ipaddr  '192.168.10.1'
    option  netmask  '255.255.255.0'
    option  ifname  'eth0.4085 eth4'

config interface 'wan_0'
    option  ifname  'eth1'  
    option  proto  'dhcp'  
    option  disabled  '0'          
    list  dns  '8.8.4.4'

/etc/config/dhcp

config dhcp 'lan01'                                 
    option  interface  'lan_lan01'                  
    option  leasetime  '10m'         
    option  start  '10'              
    option  limit  '20'              
    option  ignore  '0'              
    option  dhcpv6  'server'         
    option  ra  'server'             
    option  ra_default  '1'          
    option  ndp  'server'            
                        

/etc/config/firewall

config zone 'wan_0'             
    option  name  'wan_0'               
    option  network  'wan_0'           
    option  input  'DROP'              
    option  output  'ACCEPT' 
    option  forward  'DROP'          
    option  masq  '1'                  
    option  mtu_fix  '1'             
                          

So, any lookup queries from lan1 to wan_0 should use 8.8.4.4 (configured for wan_0).
But I see the request is going to 8.8.4.4 as well as to the upstream router. And if I configure another wan with a different dns, then this dns will also be queried for lookups.

Disable peer DNS and set up a custom DNS provider:
https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#upstream_dns_provider

It's important to apply the settings for each WAN interface.

Utilize DNS hijacking if the issue persists:
https://openwrt.org/docs/guide-user/firewall/fw3_configurations/intercept_dns


Thanks, I added the peerdns option, after which lookup queries are not being sent to the upstream router.
For any lookup query to any wan, dns1, dns2, and dnsn are all used, which I don't want.

     __________________
lan1 |                 | wan1 configured with dns1
lan2 |  OpenWRT router | wan2 configured with dns2
lann |_________________| wann configured with dnsn

Considering the above scenario, if the lookup query from any lan is sent via wan1, then dns1 (configured for wan1) should get used, and if the lookup query from any lan is sent via wan2, then dns2 (configured for wan2) should get used, similarly with wann.

In each LAN, add custom DNS in General Settings.

I already have that and I'm using dnsmasq for each lan. Basically I want to configure dns for wan interface which will be used when there will be no dns set for lan.
For example:
If I've lan1 and wan1 and lte.
And dns1 is configured for wan1 and dns2 configured for lte.
And dns is not configured for lan1.
Then the lookup queries via lte should use dns2, and lookup queries via wan1 should use dns1.

Add static routes to specific DNS via specific WAN.
Alternatively, you can ifdown or disable the unused interfaces to make their DNS inactive.
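
The two suggestions in this thread (disable peer DNS on every WAN, and add a static route to each DNS server via its WAN) can be combined as below. This is an added example, not code from any poster: the `dnsroute_*` section names are hypothetical, `wan_1` and its resolver are constructed, and it assumes a route section without a `gateway` option takes the gateway of its parent interface.

```shell
#!/bin/sh
# Added example: prints `uci batch` commands and changes nothing by itself.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# usage: pin_wan_dns <interface> <dns> [<dns> ...]
# Validates everything first, so bad input never yields partial output.
pin_wan_dns() {
    iface=$1; shift
    case "$iface" in
        ''|*[!A-Za-z0-9_]*) echo "bad interface name: $iface" >&2; return 1 ;;
    esac
    [ "$#" -ge 1 ] || { echo "no DNS server given for $iface" >&2; return 1; }
    for dns in "$@"; do
        is_ipv4 "$dns" || { echo "bad IPv4 address: $dns" >&2; return 1; }
    done
    # Ignore resolvers advertised by the upstream DHCP server on this WAN.
    echo "set network.$iface.peerdns='0'"
    echo "delete network.$iface.dns"
    n=0
    for dns in "$@"; do
        n=$((n + 1))
        echo "add_list network.$iface.dns='$dns'"
        # Host route: this resolver is only reached through this WAN.
        echo "set network.dnsroute_${iface}_$n=route"
        echo "set network.dnsroute_${iface}_$n.interface='$iface'"
        echo "set network.dnsroute_${iface}_$n.target='$dns'"
        echo "set network.dnsroute_${iface}_$n.netmask='255.255.255.255'"
    done
}

# On the router (wan_1 / 1.1.1.1 are constructed sample values):
#   { pin_wan_dns wan_0 8.8.4.4; pin_wan_dns wan_1 1.1.1.1;
#     echo "commit network"; } | uci -q batch
#   /etc/init.d/network reload
```

Review the printed commands before piping them to `uci`; the routes only fix which WAN carries traffic to each resolver, they do not change which resolvers dnsmasq chooses to query.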