Where to enable custom DNS?

decker

Occasional Visitor
I have an RT-AC86U. If I want to use a custom DNS, where am I supposed to enter it? In LAN > DHCP server I see a setting for DNS and WINS Server Setting. In WAN > Internet Connection there's a setting under WAN DNS Setting to assign a DNS IP. From the description it sounds like I should enter it under the WAN setting. So what's the LAN setting for?
 
To add, if you want to force clients to use it, also go to the DNS Filter / DNS Director and set it to "router". That way they can't enter their own DNS. They can however enable DoH in their browser and bypass it that way.

Also the reason for the two different places:

Putting it on WAN means the router looks up to those IPs, and the clients look up to the router (router is a proxy DNS server). The router also uses those entries for its own purposes, like resolving NTP servers, etc.
Putting it on DHCP means the clients look up to those IPs directly and bypass the router. Having the router cache DNS (the option above) is usually preferred.
 
You mean if I enable DNS Director it will ignore any custom DNS I configured in my device's network adapter?
 
  • WAN settings are which DNS servers the router will use.
    • Required.
    • I use Quad9 ECS.
  • LAN settings are the DNS servers supplied to LAN clients by DHCP server.
    • Optional.
    • I do not use this.
  • DNS Director will redirect DNS queries from LAN clients at the firewall level to the router, regardless of client DNS settings.
    • Optional.
    • I use this with no exceptions.
  • DNS Director, however, can only redirect conventional DNS queries.
    • Not DNS over HTTPS (some browsers have this on by default)
    • Not DNS over TLS.
 
Do WAN and LAN both do the same thing? I didn't know about DNS Director. I always thought the client DNS had priority over the router. That's good to know. None of my housemates know how to change DNS so it's probably not necessary. Why do you use it without exceptions?
 
> You mean if I enable DNS Director it will ignore any custom DNS I configured in my device's network adapter?

Correct, it will intercept client DNS queries (invisibly) and send them to the DNS you've configured, regardless of what is configured on the network adapter. Client thinks the response is coming from the server they specified, but it is not.
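
A client-side check for the interception described in the post above, as an added example that is not part of the original thread: it sends a conventional DNS query to 192.0.2.1, an RFC 5737 documentation address that hosts no resolver, and treats any valid reply as evidence that queries are being redirected. The function names and the use of example.com are assumptions made for the illustration.

```python
import secrets
import socket
import struct

# RFC 5737 documentation address: no real DNS server answers here, so a valid
# reply can only come from something on the path that intercepted the query.
TEST_NET_ADDR = "192.0.2.1"

def build_query(name, qid):
    """Encode a minimal DNS A-record query (RFC 1035), recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_reply_to(query, reply):
    """True if reply is a DNS response (QR bit set) with the query's ID."""
    if reply is None or len(reply) < 12:
        return False
    rid, flags = struct.unpack("!HH", reply[:4])
    return rid == struct.unpack("!H", query[:2])[0] and bool(flags & 0x8000)

def udp_exchange(server, payload, timeout=2.0):
    """Send one datagram to server:53; return the reply, or None if none came."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(payload, (server, 53))
            return sock.recvfrom(512)[0]
        except OSError:  # timeout or unreachable: nothing answered
            return None

def dns_is_redirected(name="example.com", server=TEST_NET_ADDR, exchange=udp_exchange):
    """Query an address that hosts no resolver; an answer implies redirection."""
    query = build_query(name, secrets.randbits(16))
    return is_reply_to(query, exchange(server, query))

if __name__ == "__main__":
    print("plain DNS redirected:", dns_is_redirected())
```

The check covers only conventional DNS over UDP port 53; DNS over HTTPS and DNS over TLS, which the thread notes are not redirected, are outside what it tests.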
 
> Do WAN and LAN both do the same thing? I didn't know about DNS Director. I always thought the client DNS had priority over the router. That's good to know. None of my housemates know how to change DNS so it's probably not necessary. Why do you use it without exceptions?

No, WAN and LAN do different things. WAN tells the router what to use, and by default (if you don't specify on the LAN) the clients receive the router's IP as their DNS IP. If you specify IPs on the LAN, DHCP hands those IPs directly to the client; they no longer use the router, they go direct to the specified DNS server.

WAN configured but LAN not - Client receives router's IP as DNS server
Client -> Router -> Router's WAN DNS

LAN configured (to something other than router IP)
Client -> Direct to that DNS server you specified, skipping the router.

In either case, the WAN DNS is used by the router also for its own purposes (NTP, checking for firmware updates, etc).
 
thx for explaining!
 
> Correct, it will intercept client DNS queries (invisibly) and send them to the DNS you've configured, regardless of what is configured on the network adapter. Client thinks the response is coming from the server they specified, but it is not.

cool thx
 
> Do WAN and LAN both do the same thing? I didn't know about DNS Director. I always thought the client DNS had priority over the router. That's good to know. None of my housemates know how to change DNS so it's probably not necessary. Why do you use it without exceptions?

Use of DNS Director without exceptions
  • Caching of lookups - all home devices share router dnsmasq cache, speeding up repetitive lookups. I also had a special case. Windows 10 would do a lot of lookups which do not have entries. The lack of entry results in looking up again. This pounded my DNS provider with zero value load. Instead, these lookups now just hit the router and avoid my DNS provider throttling lookups.
  • Security - All devices benefit from Diversion blacklists
  • Access control - If someone tries to access porn or gambling, the lookup is blocked at the router, ISP and DNS provider never sees the DNS lookup attempt
 
awesome thx
 