Redirect DNS requests with OpenWrt
I've brought a wireless router to my office, because there's no free network socket near my place. Every normal computer that is connected via Ethernet cable normally gets an IP and DNS server addresses from the enterprise router by DHCP.
Our organization has some internal addresses that have their own URIs that are resolved by the local DNS server. Now I can access them by IP address, but not URI, as "the host is unknown".
In the DHCP and DNS section of LuCI (OpenWrt's webinterface) under the option DNS Forwardings
I specified the addresses of enterprise DNS servers (they are static), but with no success.
How can I make OpenWrt forward all DNS requests that it can't resolve itself, to these enterprise servers, or just all DNS traffic to that servers?
Don't bother with DNS forwarding, or with OpenWrt's internal DNS server, just serve the existing DNS servers to your DHCP clients directly. You can do this by setting DHCP option 6, which will be formatted in the web interface like:
6,192.168.32.35,192.168.48.35
You can access the relevant part of the web interface in LuCI by going through Network --> Interfaces --> LAN --> Scroll down to bottom --> "Advanced Settings" tab:
I also have to remind you to do this only with the explicit knowledge and approval of your company's network admin, IT department, etc.
As an alternative to using DHCP option 6 you can directly change the DNS servers which OpenWrt uses. To do this navigate under the webinterface LuCI to
Network → Interfaces → WAN → Edit → Advanced Settings
and uncheck the option Use DNS servers advertised by peer
. Then a new option field Use custom DNS servers
should appear where you can enter the addresses of one or more DNS servers of your choice.
Screenshot: custom DNS servers in OpenWrt
Of course if your WAN interface has another name (e.g. because you're connected through IPv6) you have to change these settings for that interface instead.
This method has the general advantage that while OpenWrt uses your custom DNS servers for looking up any unknown address it still acts as a DNS server for the connected clients. That way the DNS queries of OpenWrt itself are answered by your custom DNS servers, too (might be important if your concern is privacy and therefore want to completely avoid using your internet provider's DNS servers for example).
Other advantages include that one DNS cache is being used for all clients (OpenWrt's DNS cache) and that you can still use OpenWrt's hosts
file to add custom entries etc.
I've only tested this method under OpenWrt 15.05 Chaos Calmer but I guess it should work the same way in previous versions.