Domain Name System
rockstar91, 2014-08-24 12:25:14

OpenWRT - how to "wisely" configure DNS with two WANs?

The default is WAN1, there are static routes to WAN2 networks, and the default DNS server from WAN2 is used: this provider has internal resources whose addresses they announce only on their own DNS. For now, only this address has been hardcoded in resolv.conf. I understand it is not the best solution, but I did not understand how to do it differently.
By default, OpenWrt writes all DNS addresses from all raised interfaces to /tmp/resolv.conf.auto, and in the settings there are checkboxes "Do not cache negative replies, eg for not existing domains" and "DNS servers will be queried in the order of the resolvfile". I tried to enable them, and everything seems to work for a while, but at some point local sites from WAN2 stop opening, referring to a DNS error.
Task: configure the use of all addresses from /tmp/resolv.conf.auto, understanding why DNS falls off with this setting.
I will be very grateful for any information on this topic.


2 answer(s)
Vadim Misbakh-Soloviev, 2014-08-24
@rockstar91

If the WAN2 provider has all internal resources resolved as subdomains (at least at the second level, for example *.lan), then it would be best to configure this either by hand in the dnsmasq config (it can query certain NS for certain domains) or via LuCI, if available (the last parameter visible "whole" in the screenshot below): screenshot78.png
// well, it is assumed that your domain will differ from the domain of the provider from WAN2 (i.e. if it has *.lan, then your internal domain should not be the same .lan as in my screenshot :)
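
The per-domain forwarding described in the answer above, written out for /etc/config/dhcp as an added example that is not part of the original post. The zone `isp2.example` and the resolver address `192.0.2.53` are placeholders for the WAN2 provider's internal domain and DNS server, which the thread does not give.

```conf
# /etc/config/dhcp (OpenWrt UCI); merge into the existing "config dnsmasq" section.
# isp2.example and 192.0.2.53 are placeholders (assumptions), not values from the thread.

config dnsmasq
	# Upstream servers learned from all WAN interfaces stay in use for
	# everything that is not matched by a "list server" rule below.
	option resolvfile '/tmp/resolv.conf.auto'

	# Split DNS: only names under isp2.example go to the WAN2 provider's
	# resolver. Equivalent raw dnsmasq line: server=/isp2.example/192.0.2.53
	# The WAN1 resolvers never see queries for the internal zone, and the
	# WAN2 resolver never sees queries for anything else.
	list server '/isp2.example/192.0.2.53'

	# Keep DNS rebinding protection on globally. With it enabled, dnsmasq
	# discards upstream answers that contain private (RFC 1918) addresses.
	option rebind_protection '1'

	# If the provider's internal names resolve to private addresses, allow
	# them for this one zone only instead of switching the protection off.
	# Equivalent raw dnsmasq line: rebind-domain-ok=/isp2.example/
	list rebind_domain 'isp2.example'

# The resolver in "list server" must be reachable through WAN2. Check that
# no static route sends 192.0.2.53 out of the other WAN, and that no route
# added for WAN2 captures the WAN1 resolvers.
```

After editing, restart dnsmasq with `/etc/init.d/dnsmasq restart` and confirm with a lookup of one internal and one public name from a LAN client.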

rockstar91, 2014-08-27
@rockstar91

For the first problem, mva's advice helped.
I figured out the second problem (in the comment to mva's answer) myself - the problem was that later I added routes to the addresses of the city traffic exchange point via WAN2, and these routes also included the DNS server of the WAN1 provider, which is used by default.
For third-party networks, they returned the response from the cache, but if the entry was not found in the cache, they played to higher DNS, so the problem was observed quite rarely.
