What's new

Trying to use Quad9 with new ASUS RT-AX88U Pro

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Interesting. Why is this even allowed?
Why not?

I had a customer for which I delegated a sub-domain (lan.domain.com) which contained IP addresses of various VMs within the 10.x.x.x subnet. It made things easier to manage since that customer had over 100 VMs running in the datacenter at the time.

DNSBLs also generally work that way, by returning an IP address within the 127.0.0.x subnet to report whether a specific hostname is blacklisted or not.
 
This customer with >100VMs in a datacenter relies on an upstream DNS server because it was easier?
 
Interesting. Why is this even allowed?
There's inherently nothing wrong with that. There's no reason to assume that the router's WAN DNS servers are public servers or what the user's network topology is. Just because the average home user uses something like Google DNS doesn't mean everybody does.
 
I understand, but we were talking about home router to public DNS like Quad9. This service is not intended for someone running a datacenter, I believe.
 
I understand, but we were talking about home router to public DNS like Quad9. This service is not intended for someone running a datacenter, I believe.
I've seen Amazon use public DNS records that return private IP addresses for video services. VoIP services also do it sometimes. And of course services like Cloudflare and NextDNS do it when they're blocking certain domains (e.g. porn, malware, etc.). So given that this is perfectly legitimate practice it makes sense that dnsmasq has an option to choose whether of not to accept it.
 
Last edited:
What's the benefit of enabling it on a home router in this case? Sound like it does more harm than good.
 
No. What's your recommendation about this setting in this particular case - home router, Quad9? I believe it has to stay disabled given the fact it's not the only measure on a typical home network using typical home products. Not talking about business firewalls and servers.
 
No. What's your recommendation about this setting in this particular case - home router, Quad9? I believe it has to stay disabled given the fact it's not the only measure on a typical home network using typical home products. Not talking about business firewalls and servers.
My understanding was that the OP's issue was that he couldn't use Quad9 at all.
 
This customer with >100VMs in a datacenter relies on an upstream DNS server because it was easier?
It makes SSH management easier, yes. We had a naming scheme, so we used DNS for what it was intended to: rely on easy to remember names rather than memorizing 100+ IP addresses.
 
Not normally. Personally, I have it enabled. But if you use a DNS blocking service (like Cloudflare for Families) that returns bogus addresses for blocked domains you may see lots of false warnings in your router's system log.

It makes sense what to say, because actually on some devices I have DNS from Cloudflare for Families defined by DNS Director (not for the main network) and several false warnings actually appear. So I deduce that's it.
 
Last edited:

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top