OpenWrt behind ISP router -- DNS issue? IP6 issue?

I run my OpenWRT router with a lan & wireless in the 10.0.0.x range behind my ISP router which produces a NAT in 192.168.1.x range.

Normal browsing works well, but I can no longer reach the ISP box interface. This seems due to an DNS issue. I can ping the ISP router, but a browser connect on the same IP seems to do a reverse-name lookup, and then wants to connect to mabbox.bytel.fr or whatever. But OpenWRT nameserver query on that demain-same gives an IP6 adress only, while IP6 seems deactivated or points in the void. In the end, connection is broken.

Please install curl and run curl -I 192.168.1.1

curl -I 192.168.1.254
HTTP/1.1 302 Found
Location: https://mabbox.bytel.fr:443/
Date: Fri, 30 Jun 2023 10:30:59 GMT
Server: Lighttpd

Great, then
nslookup mabbox.bytel.fr and
nslookup mabbox.bytel.fr 192.168.1.254

nslookup mabbox.bytel.fr
Server: 10.0.0.1
Address: 10.0.0.1#53
Name: mabbox.bytel.fr
Address: 2001:861:80:de40:3224:78ff:fe72:e06c

and

nslookup mabbox.bytel.fr 192.168.1.254
Server: 192.168.1.254
Address: 192.168.1.254#53
Name: mabbox.bytel.fr
Address: 192.168.1.254
Name: mabbox.bytel.fr
Address: 2001:861:80:de40:3224:78ff:fe72:e06c

I should teach OpenWrt to forbard all bytel.fr traffic to 192.168.1.254 ... right?

This is a result of Rebind protection
You should probably allow Domain whitelist for the domain in question in DHCP and DNS configuration.
Additionally it probably will be a good idea to configure a "DNS Forwarding" on the same page as /mabbox.bytel.fr/192.168.1.254 or an "Address" as /mabbox.bytel.fr/192.168.1.254

2 Likes

Thank you !! That did it, indeed.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.