A third manual DNS entry?

[Bagman]

Would it be possible to add a third manual DNS server to the list you can add in the router UI? Currently it only allows two, where you can add three in DD-WRT, and more than that in Windows advanced settings.

 

[RMerlin]

Try creating a wan-start script with the following:

#!/bin/sh
echo "nameserver 8.8.8.8" >> /tmp/resolv.conf

 

[Bagman]

Ah... I don't have a USB drive mounted, so I can't make startup scripts in jffs. That's one of the reasons I requested it in the firmware.

 

[Nerre]

You don't need a USB drive to setup jffs, jffs uses the routers flash.

 

[RMerlin]

You don't need a USB drive to setup jffs, jffs uses the routers flash.

What this gentlemen said. The idea of JFFS is having scripts stored in internal flash. The JFFS partition gets mounted much earlier than USB disks too.

 

[Bagman]

Okay, I've put the script in and it does add the line to resolv.conf, but this doesn't seem to get picked up. Checking the boot log and network map pages only shows the first two DNS entries, not the one added by the boot script.

Any ideas? What's the best way of checking what nameservers the router is using?

 

[RMerlin]

Okay, I've put the script in and it does add the line to resolv.conf, but this doesn't seem to get picked up. Checking the boot log and network map pages only shows the first two DNS entries, not the one added by the boot script.

Any ideas? What's the best way of checking what nameservers the router is using?

I just tested it here, you need to also tell dnsmasq to reload its config (it seems to cache the resolv.conf entries internally):

killall -sighup dnsmasq

Put that right after the like that appends the third DNS.

After signaling dnsmasq, syslog should properly list all three nameservers.

ec 3 00:29:45 dnsmasq[4076]: read /etc/hosts - 3 addresses
Dec 3 00:29:45 dnsmasq-dhcp[4076]: read /etc/ethers - 6 addresses
Dec 3 00:29:46 dnsmasq[4076]: using nameserver 8.8.8.8#53
Dec 3 00:29:46 dnsmasq[4076]: using nameserver 206.248.154.170#53
Dec 3 00:29:46 dnsmasq[4076]: using nameserver 206.248.154.22#53

 

[RMerlin]

UPDATE: I did some more digging, and it seems like internally the firmware isn't hardcoded for only two DNS. So, here's a much simpler way to do it:

nvram set wan_dns="4.2.2.2 4.2.2.1 4.2.2.3"
nvram set wan0_dns="4.2.2.2 4.2.2.1 4.2.2.3"
nvram commit

Reboot your router after running these, and see if dnsmasq lists them all in syslog (make sure to remove the previous echo command).

These might get overwritten if you go to the webui page that lets you configure the two entries and you click on "Apply" tho. Worst case scenario, they can be put in the services-start script to make sure they get reapplied.

 

[Bagman]

Could the UI be extended from two to three slots as its not hardcoded anywhere else?

 

[RMerlin]

Could the UI be extended from two to three slots as its not hardcoded anywhere else?

If I do that, the next user will ask me for four. And after that I will be asked for five.

There is very little need for using more than two DNS servers. The idea is to provide a failover server in case the first one does not respond. The vast majority of operating systems will only let you enter two in their GUI.

 

[Bagman]

Then you could save yourself time and go straight to five!

Fair enough, I have a workaround that will do me, so thanks for that. I was used to using three from DD-WRT (one my ISPs local server, one OpenDNS, one GoogleDNS), but maybe you're telling me I don't need them all.

I used to use a DNS cache program that could cycle through 10 servers depending which were fastest and had the right info, so three seems quite conservative to me.

 

[RMerlin]

I used to use a DNS cache program that could cycle through 10 servers depending which were fastest and had the right info, so three seems quite conservative to me.

One thing to keep in mind: the DNS that answers the fastest isn't necessarily the best to use. For instance, if you live on the East Coast in the US, your ISP's DNS might give you the IP of a Youtube server that's on the East coast. However, sending that same query to the Google DNS or OpenDNS might give you the IP of a Youtube server that sits on the West coast.

So while you save 5ms on the DNS query (which is a one-time query since the answer gets cached locally by your OS), your actual download from the Youtube server might be slower, having a much more serious impact on performance.

Youtube is one case, another common case is Akamai (a content provider/caching service used by large corporations like Microsoft or AMD when downloading files from their servers)

Sorry for the sidetrack

Which workaround did you end up using? I want to document it on the Wiki (unless you got a Github account and are willing to give some of your time adding it to the Wiki )

 

[Bagman]

After all that, and hearing from other people about the issue with using DNSes out of my region, I've decided to stick with the two, one from my ISP and one from OpenDNS (because my ISP's DNS can be slow to update). So really I should apologise for wasting your time on this one!

The intention had been to use the NVRAM edits, and if necessary use a start-up script to keep them current as you suggested. It's a little clunky in that you can't change it from the UI, but it's a lot better than appending to resolve.conf, and then having to kill and restart dnsmasq which isn't very elegant.

 

[RMerlin]

After all that, and hearing from other people about the issue with using DNSes out of my region, I've decided to stick with the two, one from my ISP and one from OpenDNS (because my ISP's DNS can be slow to update). So really I should apologise for wasting your time on this one!

Hey, it's no problem at all. I'm all for sharing what I know, if it was a bother then I wouldn't have answered you

The intention had been to use the NVRAM edits, and if necessary use a start-up script to keep them current as you suggested. It's a little clunky in that you can't change it from the UI, but it's a lot better than appending to resolve.conf, and then having to kill and restart dnsmasq which isn't very elegant.

Note that you don't have to restart dnsmasq after modifying resolv.conf, just sending it a SIGHUP signal will make it reload the modified configuration without actually restarting the whole process.

 

[Nerre]

(because my ISP's DNS can be slow to update).

But the point is that a client will only use the second DNS server if the first one does not respond. So as long as the first DNS server responds, you will never get records from the second one. No matter how "better updated" it is or how much faster it is.

The secondary is just used as a spare.