• March 29, 2024, 02:03:03 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Private DNS server being blocked by DNS rebind protection  (Read 5800 times)

AdrianG

  • Level 1 Member
  • *
  • Posts: 4
Private DNS server being blocked by DNS rebind protection
« on: July 11, 2017, 03:03:56 PM »

My DIR-655 stopped working this weekend. I purchased a DIR-880L. As it was configured on the DIR655 I configured the DIR-880L DNS address one to be the private DNS server and second DNS address a public DNS server and disabled DNS relay. This configuration worked on the DIR-655. It does not seem to work on the DIR-880L. Searching around it seems that a security feature called DNS rebind protection is preventing any connected devices from using a private DNS server on the internal network. Is there any way to disable this feature? or even more securely is there any way to mark the private DNS server as safe?
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Private DNS server being blocked by DNS rebind protection
« Reply #1 on: July 11, 2017, 04:35:04 PM »

Link>Welcome!

  • What Hardware version is your router? Look at sticker under the router case.
  • Link>What Firmware version is currently loaded? Found on the routers web page under status.
  • What region are you located?

How do you have the 655 configured? Using Virtual Server?

It's possible that this feature is a security feature and using a private DNS server on the LAN side may not be supported on newer generation routers.

I'll get some more information on this...
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Private DNS server being blocked by DNS rebind protection
« Reply #2 on: July 12, 2017, 09:02:12 AM »

What happens if you enable DNS Relay with this configuration? D-Link says DNS Relay maybe needed...

Are you clients using Static addressing or static DNS addressing?
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

AdrianG

  • Level 1 Member
  • *
  • Posts: 4
Re: Private DNS server being blocked by DNS rebind protection
« Reply #3 on: July 14, 2017, 07:04:42 PM »

Hardware version: A2
Current Firmware Version:   1.07WW, Fri 26 Feb 2016
Current Firmware Date:   2016-02-26 19:34:00

I will try the DNS relay this weekend...

Thanks
Logged

AdrianG

  • Level 1 Member
  • *
  • Posts: 4
Re: Private DNS server being blocked by DNS rebind protection
« Reply #4 on: July 15, 2017, 06:35:39 AM »

Enabling DNS Relay did not work. More information when the private DNS server IP address is assigned as a DNS server in the Internet configuration on the D-Link router when you run the command "nslookup somehostname x.x.x.x" where x.x.x.x is the ip address of the private DNS server you get:

DNS request timed out.
    timeout was 2 seconds.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Private DNS server being blocked by DNS rebind protection
« Reply #5 on: July 15, 2017, 12:12:44 PM »

I'll see if I can get some more info on this.

You can load up v1.08 and see if any changes...
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

AdrianG

  • Level 1 Member
  • *
  • Posts: 4
Re: Private DNS server being blocked by DNS rebind protection
« Reply #6 on: July 18, 2017, 08:25:27 AM »

Thanks. For now I am working around this issue by using a DHCP server and disabling DHCP on the router.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Private DNS server being blocked by DNS rebind protection
« Reply #7 on: July 18, 2017, 08:34:41 AM »

This maybe a issue in FW, either security related or something not supported in newer generation routers...something you might contact D-Link support and ask about at some point.

Good Luck.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.