NIP.IO doesn't work for local network behind LEDE (solved: DNS rebind protection)

We installed LEDE on router (with PPPoE ADSL modem) and found one problem. We are using for access to our web server virtualhosts.

Unfortunately with LEDE router we cannot resolve addresses on our local network:

$ ping
ping: No address associated with hostname

It works fine for IP outside of our network:

$ ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=53 time=39.0 ms

We tried to change local network to 192.168.1.x but without luck.

Do you have any idea how to solve this problem? Thanks.

Sounds like DNS rebind protection in dnsmasq, the default DNS server in LEDE. It rejects private IP answers from upstream name servers.

I have not looked into LEDE uci options, but this is from dnsmasq help itself. Google for dnsmasq private ip

You need to check Openwrt LEDE wikis for info on how that translates into our config file

/etc/config/dhcp, as hnyman suggested, boguspriv, rebind_protection, rebind_localhost and (rather or) rebind_domain are relevant.

Adding to the RFC1918 responses domain whitelist (/etc/config/dhcp - config dnsmasq - list rebind_domain '') solved our problem. Thank you for fast response!

1 Like