1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

DNS Hierarchy? WAN DNS v DHCP Server v DNSFilter

Discussion in 'Asuswrt-Merlin' started by peepsnet, Feb 27, 2020.

  1. peepsnet

    peepsnet Regular Contributor

    Joined:
    Jul 16, 2019
    Messages:
    112
    Can someone explain the hierarchy in the 3 systems?

    Which one is the final authority in assigning the DNS servers to the clients?
     
  2. dave14305

    dave14305 Part of the Furniture

    Joined:
    May 19, 2018
    Messages:
    2,478
    Location:
    USA
    1. DNSFilter overrides everything else for clients.
    2. LAN DHCP comes next, assuming it is populated with external DNS IPs.
    3. If no 1 or 2 is defined, then the router receives the client requests and forwards to the WAN DNS servers.
     
    Vexira, martinr, L&LD and 1 other person like this.
  3. peepsnet

    peepsnet Regular Contributor

    Joined:
    Jul 16, 2019
    Messages:
    112
    Thank you so much for the quick answer!! This is what I though but wanted to make sure

    What is the function "Global Filter Mode" under DNSFilter in this whole process???
     
  4. dave14305

    dave14305 Part of the Furniture

    Joined:
    May 19, 2018
    Messages:
    2,478
    Location:
    USA
    Global mode is what every device is subject to, unless they have a client-specific rule defined in the lower section to either a) set as No Filtering or b) choose a different filter than the Global default. For example, I might want Quad9 setup for the whole network (Global mode), but want Cleanbrowsing Family for my childrens’ devices. Or I might want my iPad exempt from filtering so I can go wherever I want.
     
    Vexira and L&LD like this.
  5. Chris_J

    Chris_J Regular Contributor

    Joined:
    Dec 10, 2019
    Messages:
    103
    Location:
    UK
    Not wishing to hijack your thread, but I had a similar question and it saves making another thread.

    Since we now know that DNSFilter takes first priority, can one use this to point to a DNS server located inside the network (i.e. Unbound running on a RPi)?
     
    Vexira likes this.
  6. Vexira

    Vexira Part of the Furniture

    Joined:
    Jan 20, 2017
    Messages:
    2,033
    Location:
    Australia
    Yes I use to for pihole, you have to point it to the server IP, in my case the pi's IP.

    I set it to custom one and global filter to custom one.
     
  7. Chris_J

    Chris_J Regular Contributor

    Joined:
    Dec 10, 2019
    Messages:
    103
    Location:
    UK
    Perfect. This is what I expected so it makes me feel more sure of what I am doing.

    So basically:

    DNSFilter > Custom > Custom 1 > 192.168.1.XX

    Hopefully this works just as well with Unbound as it does with Pihole.
     
  8. martinr

    martinr Part of the Furniture

    Joined:
    Nov 27, 2014
    Messages:
    2,425
    Location:
    Manchester, United Kingdom
    Sure, so long as you’re running Unbound on your Raspberry Pi.
     
    Chris_J likes this.