• November 14, 2018, 06:51:37 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DNS Relay and What it Means to Local Computers  (Read 73913 times)

AquaManiac

  • Level 1 Member
  • *
  • Posts: 24
DNS Relay and What it Means to Local Computers
« on: January 05, 2012, 04:41:23 PM »

After reading the manual and wondering why my on-demand PPPoE connection was not coming up when my local computers were attempting to connect to the Internet, I found that my client computers did not have any DNS server entries filled-in by the router's bulit-in DHCP server. Under SETUP-->Network Settings-->Router Settings there is a check box to enable DNS Relay.

Manual States:  Uncheck the box to transfer the DNS server information from your ISP to your computers. If checked, your computers will use the router for a DNS server.

When I first configured my router, I selected not to enable the DNS Relay option of the router because in the past I always had my ISP's DNS servers listed on my local computers and not the router's 192.168.0.1 ip address. DNS Relay is on by default. By unchecking it, the router will pass the DNS servers learned from its active WAN connection to its local dhcp clients when they renew their dhcp leases or request new ones. The impact of this can cause the local computers to receive dhcp leases without any DNS servers defined due to the following:
  • Local computers renew or request dhcp leases from the router when the WAN link is down. Since the router's ISP WAN link is down, still negotiating, or has not received the ISP's DNS server(s) via the ISP's DHCP server, the local router hands the local computers what it knows--which is nothing. The result is that during this time of WAN link down, local dhcp leases will be void of dns server information.
  • Router is rebooted. This causes all the LAN ports to go down. The problem is that once again, the LAN is ready before the WAN link is active. So, the local computers receive dhcp leases/renewals void of any DNS server information.

Enabling DNS Relay which in turn causes the router to always give itself out as the DNS server for  the local computers is a better solution. But, there is one more piece we still need to do. Now, each local dhcp client will always have 192.168.0.1 as its DNS server but the router is still dependent on the WAN link to be active to learn the ISP's DNS servers which it will in turn use to proxy each request to those learned DNS servers.

You can actually hard code your ISP's DNS server entries by filling in Primary DNS Address and Secondary DNS Address under your SETUP-->INTERNET-->Manual Internet Connection Setup Internet Connection Type screen. DNS servers rarely change from your ISP. So, hard coding those ip addresses has minimal risk. From my readings and experience, this is the optimal way of configuring your router by enabling DNS Relay and statically defining the DNS servers.

There is another possibility that you can do. You can statically define the DNS servers and disable DNS Relay. This causes the dhcp leases to contain the hard coded ips you entered instead of the router's 192.168.0.1 ip address. The impact of this is that the stateful-packet-inspection (SPI) table will have to track additional DNS(:53) UDP streams as each individual client makes its unique request directly to the DNS servers on the Internet. When I tested with this setup and looked at my Internet Sessions table, over 75% of my entries were DNS port 53 UDP queries.

DNS RelayHard Code DNS ServersProsCons
EnabledYesClients receive fixed local DNS server. Router can immediately proxy dns queries.DNS servers may become out-of-date.
EnabledNoClients receive fixed local DNS server. Router receives update-to-date DNS entries.Some small delay in proxying queries. May delay troubleshooting.
DisabledYesClients receive fixed DNS servers.DNS queries become part of standard traffic and are inspected by the SPI engine.
DisabledNoClients receive ISP's update-to-date dns server entries if known.During periods when the WAN link is down, clients recieve DHCP leases without any dns servers.

Note: On a Microsoft box, you can issue an "ipconfig /all" command to find out your related DNS entries. On a Linux/Mac box, you can use "ifconfig" and "cat /etc/resolv.conf" to get your ip and dns resolver information.


Best regards,

AquaManiac

DIR-827 (Hardware Version: A1, Firmware Version: 1.01)

« Last Edit: September 11, 2014, 09:57:04 AM by FurryNutz »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 46150
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DNS Relay and What it Means to Local Computers
« Reply #1 on: January 06, 2012, 07:24:52 AM »

Good information for new users of routers man. Thanks. Might make this is sticky. Many ideas about using DNS relay and such. I initially thought that Hard Coding and using DNS Relay enabled was a good thing and it still is. Some have mentioned that leaving the Primary and 2ndar fields blank works as well as the router will automatically get DNS from what it sees coming from the ISP modem. Been many discussions about this. There is a neat utility that people can use as well to find better DNS on the ISP systems too in which you can use. I need to find where that was posted and link it here I guess. Comes down to what works best for some users and what there needs are. Seems that most or average home uses probably don't care about it, just as long as it works. For us geeksters, he'll ya, any thing to do some shade tree engineering.
« Last Edit: April 29, 2015, 09:17:20 AM by FurryNutz »
Logged
"Nothing Funny about It...." We are not here to Impress anyone! You have a be a COMPETENT user first to under stand COMPETENT help!