Set system DNS to something other than dnsmasq config

Hi all,
Just joined this forum after days of research and trying out different methods suggested here.

I want to use dnsmasq to forward my clients' requests to a specific DNS. This works fine with the following config:
uci set dhcp.@dnsmasq[0].noresolv='1'
uci set dhcp.@dnsmasq[0].server='x.x.x.x'

However, this causes my OpenWrt system to use the same DNS. See below:

ll /etc/ | grep resolv

lrwxrwxrwx 1 root root 16 Jul 6 05:09 resolv.conf -> /tmp/resolv.conf

ll /tmp | grep resolv

-rw-r--r-- 1 root root 47 Aug 15 11:32 resolv.conf
drwxr-xr-x 2 root root 60 Aug 13 14:42 resolv.conf.d/

cat /tmp/resolv.conf

search lan
nameserver ::1

cat /etc/resolv.conf

search lan
nameserver ::1

cat /tmp/resolv.conf.d/

search lan

How do I force the system not to use dnsmasq, but to use the entry in /tmp/resolv.conf.d/ which is obtained via the wan interface?

UPDATE: it works if I just point /etc/resolv.conf to /tmp/resolv.conf.d/, but what is the purpose of /tmp/resolv.conf then? I need to understand what can break in this case. What would be the proper way of doing this?

You want your LAN clients to use a specific DNS server and not the router's DNSMasq?

If so you might look into DNSMasq option 6, from my notes:

Option 6
DNSMasq by default sends the router's address as DNS server to your local LAN clients.
You can alter this with option 6 and send a specific DNS server for your clients to use.
As your client now does the DNS query instead of DNSMasq the DNS query just follows the routing of the client, so if the client is routed via the VPN the DNS query will go out of the VPN.

Tagging options are set in /etc/config/dhcp
First you make a tag (in this case tag1) with the option and the DNS servers of choice.
Then you add clients (e.g. static leases) and assign a tag to these clients. Below is an example of three clients.
It is possible to assign option 6 to a whole interface.

config tag 'tag1'
option dhcp_option '6,,'

config host
option name 'client1'
option mac '00:21:63:75:aa:17'
option ip ''
option tag 'tag1'

config host
option name 'client2'
option mac '01:22:64:76:bb:18'
option ip ''
option tag 'tag1'


just a note, you don't need the tag if all clients are supposed to use it...


by design the default owrt concept is the following:
dnsmasq is used as a caching dns service which provides local dns service for your lan clients and uses the dns servers captured in option resolvfile '/tmp/resolv.conf.d/' as upstream dns providers. the latter file's content is automatically generated, using the dns servers defined by your ISP for example.

as you are correctly pointing out, there is also /etc/resolv.conf, because owrt is a linux based solution and traditionally linux machines use /etc/resolv.conf to define their dns upstream servers. in order for the owrt router as a linux machine to run for example opkg update / install, or anything as a linux machine and not as a proxy for your lan clients, it will need a resolv.conf file. and again, by design, due to the router's physical memory architecture, things which can be auto-generated and/or temporary are stored under /tmp, which is volatile storage. if you reboot your router /tmp will be flushed. hence /tmp/resolv.conf is auto-created and linked as /etc/resolv.conf.

the point of this setup is that the owrt router as a linux machine will also use dnsmasq, so it can access all lan clients by name, and also use the upstream dns servers, by default. thus out of the box both your lan clients and the owrt router itself can use dns service (by default whatever your ISP set) to reach internet hosts and access local machines by name.

of course, if you want to use something other than your ISP-defined dns upstream you can ignore them and use different ones.


Thanks everyone for your time and detailed replies.

So as far as I understand, I need to write a script in the hotplug.d folder: after the wan interface comes up, it needs to read the network config and get the dns server obtained via wan dhcp, then put that server value/ip into /tmp/resolv.conf. Since /etc/resolv.conf points to /tmp/resolv.conf it should work?

The DHCP DNS IPs from wan should be picked up automatically.

But the router doesn't really need DNSes for the clients to have working internet access; they're mostly used for ntp sync (unless you use IPs) and package installation.

no. it is all automatic.

again, by default:

lan clients ---> owrt dnsmasq ---> ISP dns upstream.
owrt (for opkg install) 

from ISP, the delegated dns upstream servers are collected into the * file. this is used by dnsmasq as upstream resolver.

the clients and owrt itself are using dnsmasq. if dnsmasq cannot resolve something (i.e. public hostname) it will turn to upstream dns server.

you don't need to write any hotplug, or set anything, this is the default.

you only need to make changes if:

  • you don't want your ISP's delegated dns server but something else; there are plenty of well-known services etc.
  • you want your owrt to not talk to dnsmasq but directly to an upstream dns server.

I think you can just disable localuse and reboot.

uci set dhcp.@dnsmasq[0].localuse='0'
uci commit dhcp

Then reboot. During boot, /tmp/resolv.conf will be linked to /tmp/resolv.conf.d/, and /etc/init.d/dnsmasq will no longer re-write it with
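
To confirm which path the router itself resolves through before and after changing localuse, here is a small check, added as an example and not part of any post in this thread. The function names classify_resolver and report_router_dns are made up for this illustration; it only reads a resolv.conf-style file and, where uci is available, the localuse option.

```shell
#!/bin/sh
# Added example (not from the thread): report which resolver the router
# itself uses by reading the nameserver lines of a resolv.conf-style file.

# Prints: dnsmasq (only loopback nameservers), upstream (only non-loopback),
# mixed, none (no nameserver lines) or unreadable.
classify_resolver() {
    file="$1"
    [ -r "$file" ] || { echo "unreadable"; return 1; }
    local_n=0
    remote_n=0
    # The "|| [ -n ... ]" part keeps a final line that lacks a trailing newline.
    while read -r key value _rest || [ -n "$key" ]; do
        [ "$key" = "nameserver" ] || continue
        case "$value" in
            "") ;;                                  # malformed line, ignore
            127.*|::1) local_n=$((local_n + 1)) ;;  # answered by local dnsmasq
            *) remote_n=$((remote_n + 1)) ;;        # queried directly
        esac
    done < "$file"
    if [ "$local_n" -gt 0 ] && [ "$remote_n" -gt 0 ]; then echo "mixed"
    elif [ "$local_n" -gt 0 ]; then echo "dnsmasq"
    elif [ "$remote_n" -gt 0 ]; then echo "upstream"
    else echo "none"
    fi
}

# Hypothetical helper: summarise the symlink target, the classification and
# the localuse option for the given file (default /etc/resolv.conf).
report_router_dns() {
    conf="${1:-/etc/resolv.conf}"
    target="$(readlink -f "$conf" 2>/dev/null || echo "$conf")"
    echo "resolv.conf target : $target"
    echo "router resolves via: $(classify_resolver "$conf")"
    if command -v uci >/dev/null 2>&1; then
        echo "localuse           : $(uci -q get 'dhcp.@dnsmasq[0].localuse' || echo unset)"
    fi
}

report_router_dns "$@" || true
```

With the resolv.conf shown in the first post (nameserver ::1) this reports dnsmasq; a file that lists only WAN-provided servers reports upstream.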

That's it! I was blind and you made me see! :)))

It was there all along in the list, but didn't really understand it:

Thank you everyone for your help! Great community!

thank you grrr:) my case was 2) I didn't want my system to talk to dnsmasq, because dnsmasq will be used for clients only to point them to a specific local dns server in the network.
Also, dhcp option to delegate the exact ip to the clients wasn't my preferred solution as I didn't want the clients to see what is going on in the background, so their DNS is just their local router.
