After reading the manual and wondering why my on-demand PPPoE connection was not coming up when my local computers were attempting to connect to the Internet, I found that my client computers did not have any DNS server entries filled in by the router's built-in DHCP server. Under SETUP-->Network Settings-->Router Settings there is a check box to enable DNS Relay.
Manual states: Uncheck the box to transfer the DNS server information from your ISP to your computers. If checked, your computers will use the router for a DNS server.

When I first configured my router, I selected not to enable the DNS Relay option of the router because in the past I always had my ISP's DNS servers listed on my local computers and not the router's 192.168.0.1 ip address.
DNS Relay is on by default. By unchecking it, the router will pass the DNS servers learned from its active WAN connection to its local dhcp clients when they renew their dhcp leases or request new ones. The impact of this can cause the local computers to receive dhcp leases without any DNS servers defined due to the following:
- Local computers renew or request dhcp leases from the router when the WAN link is down. Since the router's ISP WAN link is down, still negotiating, or has not received the ISP's DNS server(s) via the ISP's DHCP server, the local router hands the local computers what it knows--which is nothing. The result is that during this time of WAN link down, local dhcp leases will be void of dns server information.
- Router is rebooted. This causes all the LAN ports to go down. The problem is that once again, the LAN is ready before the WAN link is active. So, the local computers receive dhcp leases/renewals void of any DNS server information.
Enabling DNS Relay, which in turn causes the router to always give itself out as the DNS server for the local computers, is a better solution. But, there is one more piece we still need to do. Now, each local dhcp client will always have 192.168.0.1 as its DNS server but the router is still dependent on the WAN link to be active to learn the ISP's DNS servers which it will in turn use to proxy each request to those learned DNS servers.
You can actually hard code your ISP's DNS server entries by filling in Primary DNS Address and Secondary DNS Address under your SETUP-->INTERNET-->Manual Internet Connection Setup Internet Connection Type screen. DNS servers rarely change from your ISP. So, hard coding those ip addresses has minimal risk. From my readings and experience, this is the optimal way of configuring your router by enabling DNS Relay and statically defining the DNS servers.
There is another possibility that you can do. You can statically define the DNS servers and disable DNS Relay. This causes the dhcp leases to contain the hard coded ips you entered instead of the router's 192.168.0.1 ip address. The impact of this is that the stateful-packet-inspection (SPI) table will have to track additional DNS(:53) UDP streams as each individual client makes its unique request directly to the DNS servers on the Internet. When I tested with this setup and looked at my Internet Sessions table, over 75% of my entries were DNS port 53 UDP queries.
| DNS Relay | Hard Code DNS Servers | Pros | Cons |
|---|---|---|---|
| Enabled | Yes | Clients receive fixed local DNS server. Router can immediately proxy dns queries. | DNS servers may become out-of-date. |
| Enabled | No | Clients receive fixed local DNS server. Router receives up-to-date DNS entries. | Some small delay in proxying queries. May delay troubleshooting. |
| Disabled | Yes | Clients receive fixed DNS servers. | DNS queries become part of standard traffic and are inspected by the SPI engine. |
| Disabled | No | Clients receive ISP's up-to-date dns server entries if known. | During periods when the WAN link is down, clients receive DHCP leases without any dns servers. |
Note: On a Microsoft box, you can issue an "ipconfig /all" command to find out your related DNS entries. On a Linux/Mac box, you can use "ifconfig" and "cat /etc/resolv.conf" to get your ip and dns resolver information.
Best regards,
AquaManiac
DIR-827 (Hardware Version: A1, Firmware Version: 1.01)
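
A client-side check for the situations described in the post above, as an added example that is not part of the original post: it reads the resolver list from `/etc/resolv.conf` content or English-language `ipconfig /all` output and reports which case the client is in. The sample inputs, the 203.0.113.x ISP addresses, and all function names are constructed for illustration; 192.168.0.1 is the router address from the post.

```python
import ipaddress
import re

ROUTER_IP = "192.168.0.1"  # router LAN address quoted in the post

# Constructed sample inputs (not captured from a real machine).
RESOLV_NO_DNS = "# generated by DHCP client\nsearch lan\n"
RESOLV_RELAY = "search lan\nnameserver 192.168.0.1\n"
IPCONFIG_DIRECT = """\
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       203.0.113.54
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

def _is_ip(value):
    try:
        ipaddress.ip_address(value.split("%")[0])  # drop IPv6 zone id
        return True
    except ValueError:
        return False

def resolvers_from_resolv_conf(text):
    """Nameserver addresses listed in /etc/resolv.conf content."""
    servers = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver" and _is_ip(parts[1]):
            servers.append(parts[1])
    return servers

def resolvers_from_ipconfig(text):
    """DNS servers from English-language `ipconfig /all` output."""
    servers, in_dns = [], False
    for line in text.splitlines():
        match = re.match(r"\s*DNS Servers[ .]*:\s*(\S*)", line)
        value = match.group(1) if match else line.strip()
        # Extra servers follow on indented lines holding only an address.
        in_dns = bool(match) or (in_dns and _is_ip(value))
        if in_dns and _is_ip(value):
            servers.append(value)
    return servers

def classify(servers, isp_servers=(), router_ip=ROUTER_IP):
    """Map a client's resolver list to the situations in the post."""
    if not servers:
        return "no-dns"        # lease issued while the WAN link was down
    if router_ip in servers:
        return "router-relay"  # DNS Relay enabled
    if set(servers) <= set(isp_servers):
        return "direct-isp"    # relay disabled, expected servers
    return "direct-other"      # relay disabled, servers not in the expected list
```

Pass the servers hard coded on the router as `isp_servers`; a `direct-other` result then means the client holds a resolver that is neither the router nor one of those entries.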