Use router as (external) DNS server

Shira

Occasional Visitor
I have an RT-AC68U with Merlin and Diversion installed. Is there any way I can use the router as a DNS server for other devices outside of my LAN? (i.e. mobile phone on data)
 
Why couldn't you just port forward 53 to the RT-68U and set your clients' DNS servers to your WAN IP?
 
Because running a publicly accessible DNS server would be a magnet for bots/people wanting to abuse it. e.g. DNS amplification attacks. Same reason you don't host a publicly accessible email server.
I agree it's a bad idea. It's not as difficult as it might sound to set up a VPN server and keep your mobile devices connected to the LAN via VPN at all times. That's how I operate.
 
I agree it's a bad idea. It's not as difficult as it might sound to set up a VPN server and keep your mobile devices connected to the LAN via VPN at all times. That's how I operate.

I tried that but Diversion doesn't seem to work through VPN.
 
Two things:

1. Is your VPN server advertising your router as the DNS server for clients to use?

2. Are your VPN clients using the DNS server advertised by your VPN server (which should be the same as regular LAN clients use)?
 
https://www.aaflalo.me/2019/03/dns-over-tls/ there are instructions to set up your own DNS server, but you would have to adapt it to your setup a lot, and you would have to have the skills and know-how to do it. It is not something as simple as forwarding a port and exposing your connection to attack.

VPN is the better option. Let the DNS server gurus be the DNS server gurus, while you be the regular home user is usually the better option.
 
Just reading about DNS amplification attacks. Is it safe to assume that Merlin default settings would not expose our routers to such an attack?
I did the dig test outlined on this page: http://openresolver.com/ using the WAN IP of my router and got
";; connection timed out; no servers could be reached"
so I guess I'm okay?
 
