New Member
Posts: 35
Registered: ‎07-18-2016
Kudos: 2
Solutions: 2

Help w/basic DNS resolution and forwarding setup

Hey all,

I've had my ERX in production for about a year but just realized my DNS config might be wonky.  Here's my setup:

1. I went under System and in the Name Server field I added my two ISP primary DNS servers, then saved changes.

2. In DHCP > DNS I chose the interface of Switch0 (which has all my production VLANs) and clicked Add Listen Interface, then saved changes.  My clients are set to use the ERX as primary DNS, and ISP DNS as secondary.

If I run "show dns forwarding statistics" I show "0 queries sent" even after several days.  And if I use nslookup and my local ERX as the server, it will not resolve FQDNs.  I'm assuming since I can browse to various sites, it's still resolving ok off the secondary DNS servers, but I'd like to get the local cache working to get that resolution speed boost :-).

Can you help me figure out what I'm missing?

Thanks,

Brian

Established Member
Posts: 1,795
Registered: ‎03-02-2016
Kudos: 430
Solutions: 139

Re: Help w/basic DNS resolution and forwarding setup

Under System, the only nameserver should be 127.0.0.1.

In DHCP settings for each DHCP pool you have (under Services --> DHCP Server, then choose View Details for your LAN from the menu on the right), be sure the "DNS 1" setting is the router's LAN IP, and "DNS 2" is blank. You want to hand out the router as the DNS server to devices on your network.

Then, under Config Tree, navigate to services -> dns -> forwarding, add as many name-server directives as you'd like, each with the IP address of a nameserver you'd like to forward to. I have two entries there, for the two OpenDNS nameservers.

Once you get it, "show dns forwarding nameservers" should show the name servers you put in the config tree, while 127.0.0.1 should be shown as a nameserver not configured for forwarding.

New Member
Posts: 35
Registered: ‎07-18-2016
Kudos: 2
Solutions: 2

Re: Help w/basic DNS resolution and forwarding setup

Hey thanks for the quick response.  Ok so the only possible snag with my config is on some of my VLANs I want to hand out OpenDNS, and on others I want to hand out the standard ISP ones.

So I'm assuming on DHCP scopes where I want the standard ISP ones, I just set DNS1 to the appropriate LAN IP for that subnet, and on the ones where I want OpenDNS to be the resolvers, I set those explicitly in DNS1 and DNS2?

Brian

Veteran Member
Posts: 7,474
Registered: ‎03-24-2016
Kudos: 1933
Solutions: 857

Re: Help w/basic DNS resolution and forwarding setup

For each vlan=x on switch0, a listen interface of switch0.x should be added to the DNS forwarder.
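
The checks suggested in the two replies above can be run against the router's `show configuration commands` output. This is an added example, not code from the thread or from Ubiquiti; the `audit` function, the VLAN ids, pool names and addresses in the sample are all constructed for illustration.

```python
import re

# Constructed sample in the style of `show configuration commands`; all
# addresses, VLAN ids and pool names are made up for this example.
SAMPLE = """\
set interfaces switch switch0 vif 10 address 192.168.10.1/24
set interfaces switch switch0 vif 20 address 192.168.20.1/24
set service dhcp-server shared-network-name VLAN10 subnet 192.168.10.0/24 dns-server 192.168.10.1
set service dhcp-server shared-network-name VLAN20 subnet 192.168.20.0/24 dns-server 208.67.222.222
set service dns forwarding listen-on switch0
set service dns forwarding listen-on switch0.20
set service dns forwarding name-server 208.67.222.222
set system name-server 203.0.113.53
"""

def audit(config: str) -> list[str]:
    """Return findings for the DNS forwarding setup described in the thread."""
    def grab(pattern):
        return re.findall(pattern, config, re.M)

    findings = []
    # The router's own resolver should point only at its local forwarder.
    system_ns = grab(r"^set system name-server (\S+)")
    if system_ns != ["127.0.0.1"]:
        findings.append(f"system name-server is {system_ns}, expected only 127.0.0.1")
    # Upstream resolvers belong under service dns forwarding.
    if not grab(r"^set service dns forwarding name-server (\S+)"):
        findings.append("no upstream name-server under service dns forwarding")
    # Every VLAN interface (switch0.x) needs its own listen-on entry.
    listen = set(grab(r"^set service dns forwarding listen-on (\S+)"))
    vifs = {}
    for vid, addr in grab(r"^set interfaces switch switch0 vif (\d+) address (\S+)"):
        vifs[f"switch0.{vid}"] = addr.split("/")[0]
    for name in sorted(set(vifs) - listen):
        findings.append(f"{name} is not a listen-on interface")
    # Pools that hand out anything but the router's address skip the cache.
    router_ips = set(vifs.values())
    dhcp = grab(r"^set service dhcp-server shared-network-name (\S+) subnet \S+ dns-server (\S+)")
    for pool, dns in dhcp:
        if dns not in router_ips:
            findings.append(f"pool {pool} hands out {dns}, bypassing the forwarder")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

A pool that deliberately hands out an external resolver, as asked about earlier in the thread, is reported only so it is clear those clients never reach the router's cache.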

New Member
Posts: 35
Registered: ‎07-18-2016
Kudos: 2
Solutions: 2

Re: Help w/basic DNS resolution and forwarding setup

Thanks both of you.  I had tried @gfunkdave's suggestion but ultimately broke DNS resolution altogether.  While I was figuring that out I just happened to hear about Pi-hole from somebody at work (https://pi-hole.net/) and installed that to block ads.  So while I haven't tried further troubleshooting (or @16again's solution) I'm good to go for quick, local (and ad-blocking!) DNS resolution for now.  Thanks all.


Brian
