Using OpenWrt as a DNS server over wan


I live in Spain but I would like to unblock a geoblocked famous TV provider (bringing the decoder to Spain). The decoder "phones home" in order to find out whether the decoder is in Italy. I have access to a home router in Italy where I would like to install OpenWrt to route (DNS? proxy?) these checks via the router in Italy.

Do you know whether I need to install on the Italian router a proxy server or a DNS server I would then need to access using the Italian router's WAN port?

The easy thing would be a VPN access but it seems like the Italian provider refuses any request which is coming via a VPN connection.

Any idea?

(Note: I would be using a paid-for subscription.)

  • How does the "phone home" take place?
  • Is it simply a DNS request, or does the device have to initiate some kind of connection via an IP on the provider's network?

I'm not sure how they would know that. To answer your question directly, it is possible to set up a VPN (i.e. WireGuard) and send any traffic for that device through the tunnel.

It's unlikely that they can detect a VPN directly. It's certainly possible that they have a list of VPN endpoints that are blocked.

1 Like

Go the VPN route, don't open a DNS server on the WAN interface, you'd only get in trouble with your ISP and may get blacklisted by the big CDNs (as your DNS might support DNS amplification attacks).

1 Like
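The reply above warns that a resolver reachable from the WAN can be abused for DNS amplification. As an added example (not part of the thread), this Python script scans dnsmasq query logs for queries arriving from outside the LAN, which is the sign that the resolver is exposed. It assumes dnsmasq's `log-queries` option is enabled and that the LAN is 192.168.1.0/24; the log lines are constructed samples using documentation addresses.

```python
import ipaddress
import re
from collections import Counter

# Assumption: networks that are allowed to query the router's resolver.
LAN_NETS = [ipaddress.ip_network("192.168.1.0/24"),
            ipaddress.ip_network("127.0.0.0/8")]

# dnsmasq (log-queries) writes: "query[TYPE] name from SOURCE"
QUERY_RE = re.compile(
    r"dnsmasq\[\d+\]: query\[(?P<qtype>[^\]]+)\] (?P<name>\S+) from (?P<src>\S+)")

# Constructed sample log, not real traffic.
SAMPLE_LOG = """\
Mon Jan  1 12:00:01 2024 daemon.info dnsmasq[1234]: query[A] example.com from 192.168.1.10
Mon Jan  1 12:00:01 2024 daemon.info dnsmasq[1234]: reply example.com is 192.0.2.80
Mon Jan  1 12:00:02 2024 daemon.info dnsmasq[1234]: query[ANY] example.org from 203.0.113.7
Mon Jan  1 12:00:02 2024 daemon.info dnsmasq[1234]: query[ANY] example.org from 203.0.113.7
Mon Jan  1 12:00:03 2024 daemon.info dnsmasq[1234]: query[ANY] example.org from 203.0.113.7
Mon Jan  1 12:00:04 2024 daemon.info dnsmasq[1234]: query[A] example.net from 198.51.100.20
"""

def external_queries(log_text, lan_nets=LAN_NETS):
    """Count queries per (source IP, query type) that did not come from the LAN."""
    hits = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # replies, forwards and unrelated log lines
        try:
            src = ipaddress.ip_address(m.group("src"))
        except ValueError:
            continue  # malformed source field
        if any(src in net for net in lan_nets):
            continue
        hits[(str(src), m.group("qtype"))] += 1
    return hits

def repeated_sources(hits, threshold=2):
    """Sources repeating one query type; with UDP the source may be a spoofed victim."""
    return sorted({src for (src, _qtype), n in hits.items() if n >= threshold})

if __name__ == "__main__":
    found = external_queries(SAMPLE_LOG)
    for (src, qtype), n in sorted(found.items()):
        print(f"{src} sent {n} {qtype} queries from outside the LAN")
    print("repeated:", repeated_sources(found))
```

Any hit at all means the resolver is answering on the WAN side; the fix is to stop listening there or drop inbound port 53 in the firewall, not to filter individual sources.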

Isn't there a way to secure it with a login?

That would make my life easier; however, my endpoint in Italy has just an 8Mbit connection while in Spain I have a 500Mb fiber. Is there a way to set up a "smart DNS"-like service in my Italian router which makes my Spanish one "looking Italian" without funnelling all the traffic over the 8Mb ADSL connection?

The box routinely downloads content as well, that would be jamming the 8Mb line, especially UHD content.

If you think that what is happening is that the provider that you want to "fool" into thinking that your local endpoint isn't where it truly is, then DNS won't help you. If they are using DNS (which I don't think likely), they have an IP address, not your hostname. The IP address would be resolved as a reverse query, for which you can't redirect the DNS from your ISP (who has administrative authority over the "PTR" records associated with their IP blocks).