Hi! I had the same need, and what I did was install dnsmasq via the command line. Do you have any experience with it? I can give you some hints, and depending on what you get out of them I can go into more detail:
- Disable bind via the web interface.
- Check if there's any service listening on the DNS port:
sudo ss -tlnp | grep 53
(read the last column on the right, the p for process). If nothing appears, the port is available for us. You may need to check /etc/resolv.conf (uses no port) and /etc/resolvconf.conf (systemd service config file that listens at localhost:53).
- Install dnsmasq:
sudo apt install dnsmasq
and enable its service:
sudo systemctl enable dnsmasq
so that it starts automatically after any reboot.
- Now, by default, anything you write in /etc/hosts is read by dnsmasq, and it already acts as a DNS query forwarder. So you can try:
echo '0.0.0.0 doubleclick.com' | sudo tee -a /etc/hosts
and then try to resolve this domain from the FreedomBox with:
host doubleclick.com
If some non-zero IP appears, bad. However, host reads /etc/hosts too. Now, to test dnsmasq (you need to reload/restart it for every update to /etc/hosts) you can do:
dig doubleclick.com @localhost
The best test, though, is from your laptop. Same dig command.
- If you were trying the bind way, you may already have done this, but it's essential. Go to your router admin page, and wherever it lets you (if at all) edit the DNS server pair that the DHCP server tells its clients to set, input your FB private IP address. The second one can be a privacy-friendly DNS provider (like njal.la's) or that other external one you are using now. Apply/save.
- From your laptop, check the DNS servers you are using. In most Linuxes I've used, it's either:
cat /etc/resolv.conf
or, if it says localhost, then:
cat /etc/resolvconf.conf
In Windows, it's under wifi connection properties or something like that. Probably ipconfig at the cmd works too.
- Disconnect and reconnect to the wifi from your laptop. Thus we force a DHCP request and a DNS server list update. Ensure that the first nameserver configured is your FB's local IP address.
- From your laptop, go to https://doubleclick.com. What do you see?
I know it's a long list and my midnight English is not great. I hope it works for you, at least for inspiration ^^
PS: there are interesting dnsmasq config tweaks like:
- Reading another file instead of /etc/hosts, so you can just use some public ad-banning list. With no-hosts and addn-hosts=/etc/hosts_dnsmasq
- Don't use the dnsmasq format of servers. Stick to the /etc/hosts way. I tried the first and each query was 10x slower.
- Set the nameserver to use with no-resolv and server=95.215.19.53 or your favorite private DNS public server.
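
A safeguard for the addn-hosts tweak in the PS, as an added example that is not part of the original post: a public list loaded that way can map any name to any address, so this filter keeps only sink entries before dnsmasq reads the file. The sanitize_hosts name and the sample list are constructed for illustration; /etc/hosts_dnsmasq is the path from the post.

```shell
#!/bin/sh
# Added example: sanitize a public hosts-format blocklist before dnsmasq
# loads it through addn-hosts. Only sink entries survive, so the list can
# block names but can never point a name at a real address.

# sanitize_hosts: hosts-format text on stdin, "0.0.0.0 name" lines on stdout.
sanitize_hosts() {
    awk '
    {
        sub(/\r$/, "")                # tolerate CRLF line endings
        sub(/[ \t]*#.*/, "")          # strip comments
        if (NF < 2) next              # blank or malformed line
        # Accept only sink addresses; anything else would be a redirect.
        if ($1 != "0.0.0.0" && $1 != "127.0.0.1") {
            printf "rejected (non-sink address): %s\n", $0 > "/dev/stderr"
            next
        }
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            # Never sink the local names the system itself relies on.
            if (name ~ /^localhost(\.|$)/) continue
            # Plain dotted DNS names only: letters, digits and hyphens.
            if (name !~ /^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z][a-z0-9-]*$/) continue
            # De-duplicate and normalise every entry to the 0.0.0.0 sink.
            if (!(name in seen)) { seen[name] = 1; print "0.0.0.0 " name }
        }
    }'
}

# Constructed sample list (not a real feed); 203.0.113.7 is a
# documentation-range address standing in for an unwanted redirect.
SAMPLE='# sample blocklist
127.0.0.1 localhost
0.0.0.0 doubleclick.com
127.0.0.1 ads.example.net  # tracker
203.0.113.7 bank.example.com
0.0.0.0 doubleclick.com
0.0.0.0 bad_name!.example'

printf '%s\n' "$SAMPLE" | sanitize_hosts

# Typical use, with downloaded.list as a placeholder file name:
#   sanitize_hosts < downloaded.list | sudo tee /etc/hosts_dnsmasq >/dev/null
#   sudo systemctl restart dnsmasq
```

Rejected lines are reported on stderr, so a list that suddenly starts producing them is worth inspecting before it is deployed.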