Unable to set a fixed dns entry for a particular client because router IPV6 address is always added as first dns choice

[fededim]

Hi,

I have an Asus RT-BE88U with AsusWRT merlin 3006.102.5 version with an IPV6 connection and I want to set a particular IPV4 dns for a particular client (e.g. mac address). I tried to enforce this in two ways:
1) LAN -> DHCP SERVER -> Manually Assigned IP set "DNS Server" entry to a particular value, but it does not work well because it adds this entry at the last one to all dnses already configured
2) LAN -> DNS DIRECTOR -> Client List --> Associate a DNS to a client...this does not work because on the device I get as first entry the router IPV6 address as first DNS choice and then the inserted entry.

I tried also to create a custom ad hoc network (which will be used only by the particular client) but there does not seem to be anymore the setting for specifying the custom DNS for the new network. Is there any way I can enforce this ? I repeat I just want for a particular client to enforce a single IPV4 dns entry.

Thank to anyone who can help.

 

[dave14305]

You can suppress sending the router IPv6 GUA address as DNS server by using a /jffs/scripts/dnsmasq.postconf file. This script below replaces the line added by the firmware with a line that configures an "empty" RDNSS server. It affects all IPv6 clients, however. There really isn't good integration of IPv4 and IPv6 when it comes to managing client options.

!/bin/sh

CONFIG="$1"
. /usr/sbin/helper.sh
pc_replace "dhcp-option=lan,option6:23,[::]" "dhcp-option=lan,option6:dns-server" "$CONFIG"

 

[fededim]

Bingo managed to get it working by improving your idea for forcing this only for a particular mac address, thank you very much!

Create the file /jffs/configs/dnsmasq.conf.add

with this line

dhcp-option=tag:<mac address>,option6:23

 

[fededim]

Wtf I celebrated too early it does not work anymore, maybe is it a bug fo DNSMasq which does not override IPV6 DNS ?

 

[dave14305]

I think you still get the DNS from the general router advertisement. I didn’t have luck using the device MAC, I had to test with the client DUID for ipv6.

 

[fededim]

Also your script does not seem to work, I checked using Wireshark that the DHCPv6 protocol is always returning router IPV6 address as the 23 option (DNS recursive name server), notwithstanding the replaced line in dnsmasq.conf and empty configuration under LAN --> DHCP SERVER--> IPV6 DNS SERVER

 

[fededim]

I tried also adding the ra-only option in dnsmasq.conf which disables the DHCPV6, yet Wireshark shows that the router advertisment message still contains the IPV6 address of the router....it seems impossible not to config an IPV6 DNS server :-( maybe it is easier (yet stupid) to use an older router for forcing the use of an IPV4 DNS for some clients by disabling IPV6.