Unknown package 'maradns'

Hi fellow nerds!

Unable to find and install maradns on openwrt 18.06, xiaomi mini router (mt7620).

root@OpenWrt:~#  opkg install maradns
Unknown package 'maradns'.
Collected errors:
 * opkg_install_cmd: Cannot install package maradns.
  • opkg search works
  • opkg installs other packages

Any binaries available? Or does it have to be compiled?

Offtopic: Thanks so much for openwrt btw. I went from "why bother flashing router you goddamn nerds" to becoming one myself. And a proud nerd at that.

The last changes to maradns happened more than 10 years ago: https://git.openwrt.org/?p=openwrt%2Fopenwrt.git&a=search&h=HEAD&st=commit&s=maradns

maradns is not listed in the package table

I guess maradns has simply been dropped and is no longer available.


Since MaraDNS is in deep freeze — I only fix security and other serious bugs — here is a list of some other DNS software out there.

I'd suggest looking at the actively supported unbound (which is widely used by major OS distributions) if dnsmasq isn't meeting your needs adequately.


It's interesting that maradns has been dropped/frozen.
Maybe someone (me?) should remove this page - https://openwrt.org/docs/guide-user/services/dns/maradns ?

I was just messing around to install a dns server on my router. What I was thinking:

  • install dns app on openwrt
  • dns app fetches all DNS records in bulk from another DNS server, say google's or cloudflare
  • stores all records in usb hdd (database?)
  • dns app will listen on port 53 for dnsmasq to query.

I am sure it's possible, but would it be a bad idea wrt performance?

For a home network having only a few requests, irregular updates to DNS would work fine.

dnsmasq, which is installed by default, likely does what you need, including:

  • Fetch DNS results from "upstream" servers (you can specify which servers)
  • Cache those results

I'm not sure why you would want to cache the results on a hard drive. I'm not aware of any end-user resolver that does that, nor a use case that would suggest it. DNS is transient, with lifespans of minutes or hours, for virtually all non-root records. Even in cases where a tiny fraction of records are used for authoritative DNS servers (which only a tiny number of end users likely run), only a single domain or handful of domains typically. Nobody caches the entire Internet!

"Irregular" updates still mean potentially every 5-10 minutes or less, as a time-to-live for a record of 600 seconds isn't unheard of, especially in the era of cloud-deployed services. The TTL varies by record, and really should be re-queried any time they expire.

1 Like
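
An added illustration of the TTL point made in the reply above (not code from the thread or from dnsmasq): a cache that honours each record's TTL, next to a check of which names in a bulk snapshot are already expired at a given age. The names `Record`, `TTLCache` and `stale_after` are hypothetical, and the sample records are constructed.

```python
# Added example: TTL-honouring cache versus a bulk snapshot refreshed "irregularly".
# Record values below are constructed (192.0.2.0/24 is a documentation range).
from dataclasses import dataclass

SAMPLE = """\
www.example.org.   600    IN  A      192.0.2.10
api.example.org.   60     IN  A      192.0.2.20
example.org.       86400  IN  NS     ns1.example.net.
cdn.example.org.   300    IN  CNAME  edge.example.net.
"""

@dataclass(frozen=True)
class Record:
    name: str
    ttl: int
    rtype: str
    rdata: str

def parse_records(text):
    """Parse 'name TTL IN TYPE rdata' lines, the format drill/dig print."""
    records = []
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) != 5 or fields[2] != "IN" or not fields[1].isdigit():
            continue  # skip comments, blanks and truncated lines
        records.append(Record(fields[0].lower(), int(fields[1]), fields[3], fields[4]))
    return records

class TTLCache:
    """Stores each record with an absolute expiry, as a caching resolver does."""
    def __init__(self):
        self._store = {}

    def put(self, record, now):
        self._store[(record.name, record.rtype)] = (record, now + record.ttl)

    def get(self, name, rtype, now):
        entry = self._store.get((name.lower(), rtype))
        if entry is None or now >= entry[1]:
            self._store.pop((name.lower(), rtype), None)
            return None  # miss: caller must re-query upstream
        return entry[0]

def stale_after(records, age_seconds):
    """Names in a snapshot whose TTL has run out once the snapshot is this old."""
    return sorted(r.name for r in records if age_seconds >= r.ttl)
```

With the sample above, a snapshot that is ten minutes old already holds three expired answers out of four, which is why a resolver re-queries on expiry instead of serving a stored bulk copy.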

I am talking about a secondary DNS server. See here: https://tools.ietf.org/html/rfc2182

RFC 2182:

The Domain Name System requires that multiple servers exist for every delegated domain (zone).

This refers to authoritative name servers for a specific domain (or domains). Those requirements only apply to those that supply the DNS for their domain, not those that use the information that they provide.

These name servers are directly referenced by "glue" from the DNS root, and can't be substituted for others. They typically run BIND or NSD.

As an example, you can see the "glue" from the root servers to the .org servers, then to the three authoritative name servers for the openwrt.org domain in this DNS trace:

$ drill -T www.openwrt.org
.	518400	IN	NS	a.root-servers.net.
.	518400	IN	NS	b.root-servers.net.
.	518400	IN	NS	c.root-servers.net.
.	518400	IN	NS	d.root-servers.net.
.	518400	IN	NS	e.root-servers.net.
.	518400	IN	NS	f.root-servers.net.
.	518400	IN	NS	g.root-servers.net.
.	518400	IN	NS	h.root-servers.net.
.	518400	IN	NS	i.root-servers.net.
.	518400	IN	NS	j.root-servers.net.
.	518400	IN	NS	k.root-servers.net.
.	518400	IN	NS	l.root-servers.net.
.	518400	IN	NS	m.root-servers.net.
org.	172800	IN	NS	a0.org.afilias-nst.info.
org.	172800	IN	NS	a2.org.afilias-nst.info.
org.	172800	IN	NS	b0.org.afilias-nst.org.
org.	172800	IN	NS	b2.org.afilias-nst.org.
org.	172800	IN	NS	c0.org.afilias-nst.info.
org.	172800	IN	NS	d0.org.afilias-nst.org.
openwrt.org.	86400	IN	NS	ns2.digitalocean.com.
openwrt.org.	86400	IN	NS	ns3.digitalocean.com.
openwrt.org.	86400	IN	NS	ns1.digitalocean.com.
www.openwrt.org.	43200	IN	CNAME	wiki-01.infra.openwrt.org.
wiki-01.infra.openwrt.org.	3600	IN	A
1 Like

hmm, kind of confusing terms for me there. I'll pass. Stick to dnscrypt.

Thanks for the help jeff