Hi,

I'm using the last RC2 version on my WRT54GL router.
I want to control the usage of my private network, cause I have young children. To do this, I use different technics, one of them is to use OpenDNS.

I read a lot of things around this in documentation and forum, but for now I haven't found any clear information on how to do it.
I tried by myself some experience without good result. I found that I'm not alone in this situation. This is due to the fact the last software integrate many changes around settings and right now the documentation is not complete.

So I think it will be interesting for every OpenWrt users to have an HOWTO on this topic.

Any contribution to do it will be welcome, As I wrote before, I can't do it by myself.

Many thanks in advance.

Kris

Hi.

There are several possible ways to achive that.
By default, OpenWrt acts as a DNS cache for LAN clients, so one possibility is to let OpenWrt use other upstream DNS servers (like the ones from OpenDNS). Another possibility is to advertise different DNS servers via DHCP to connected LAN clients. Both measures can be circumvented on the client side by setting a different DNS server IP. A third variant is to catch all outgoing udp/53 traffic to force a redirection to the router's DNS cache.

You can specify different DNS servers for the router by adding

option dns "1.2.3.4 5.6.7.8 ..."

to the "config interface wan" section in /etc/config/network .
If you prefer the webif, goto Network -> Interface -> WAN, add the additional option "DNS-Server". Fill in the DNS server ips separated by space in ther and hit Safe & Apply.
If you prefer the cli, login with ssh and execute:

# uci set network.wan.dns="1.2.3.4 5.6.7.8"
# uci commit network
# ifup wan; /etc/init.d/dnsmasq restart

To advertise different DNS servers via DHCP to clients, take a look at http://forum.openwrt.org/viewtopic.php?id=17316 .

~ JoW

hi jow,

It takes a while before I reply.

I set the wan section with:
option dns "1.2.3.4 5.6.7.8 ..."
as you mentioned it

It still not so clear for me, cause when I add static dns configuration for wan side, it keeps getting dns information with dhcp on wan interface and  the opendns server address is then forgotten.

I did by the past a patch directly in /etc/init.d/dhcp to have a workaround, but I am sure there is a simply way to do it.
Now I have installed the lest release version, and I work again on this configuration.

What I expect is to keep local dns caching in Openwrt (very useful cause all my host-names coming from my LAN are automatically stored) and to forward all DNS request to OpenDNS.

I would like to find with this forum support the easer way to do it, then I will produce an Howto on this for other users.

Thanks

Kris

(Last edited by kris969 on 14 Mar 2009, 21:30)

Fixed in trunk but the patch did not made it into 8.09 final. So you have to backport https://dev.openwrt.org/changeset/14562

Hi

Using OpenDNS servers is easy, just put the IP addresses for the OpenDNS servers in the DNS config.

But that's not what the user is asking, I believe.  I use OpenDNS for my DNS servers because my provider intercepts lookups to nonexistent hosts and redirects them to a "help" page.  This is nothing less than breaking the intended functionality of DNS, period.

OpenDNS will also take you to a "help" page for lookups to nonexistent hosts, but you can opt-out of this.  In order to opt-out, you must authenticate to OpenDNS.  The method is almost identical to DynDNS and other services.  The original poster is trying to enable a different service, content filtering.  But the authentication method is the same.  Once your IP address authenticates to OpenDNS, your account configuration controls how DNS lookups are handled.

I have a kludge that works quite well for me, but it won't work for everyone.  Here are the caveats for my kludge:

1) You must use PPPoE in OpenWRT to authenticate to your provider.  If you use DHCP, this won't work.
2) You must have the "curl" package installed in OpenWRT

Place the short script below into the directory "/etc/ppp/ip-up.d"  Name it something like S01opendns:

#!/bin/sh
USER="<USERNAME>"
PASS="<PASSWORD>"
DOMAIN="<HOSTNAME>"
/usr/bin/curl -k -m 60 -u $USER:$PASS https://updates.opendns.com/account/ddns.php?hostname=$DOMAIN > /dev/null

When ever your PPPoE connects to your provider, this script will run and you will authenticate to OpenDNS.  I hope someone finds this helpful.

Thanks

(Last edited by gloomrider on 15 Mar 2009, 00:42)