  1. #1
    Newbie
    Join Date
    Dec 2021
    Posts
    5

    Passing multiple DNS servers via DHCP - Can't figure out dnsmasq syntax

    Hello everyone.

    I've got both AT&T and Spectrum home internet, so I'd like to be able to pass DNS servers from both companies, plus some generalized ones like 8.8.8.8 and 4.2.2.1 to all the DHCP clients on the network.

    For the life of me, I can't even figure out which command line option and the relevant syntax for dnsmasq to be able to pass all those servers to the various devices on the network.

    For extra added fun, I'd like to be able to either round-robin them or most ideally, request DNS from the service providing the outside interface that the session will use to get to the internet.

    The list of IPs is here:

    68.94.156.1,209.18.47.61,71.10.142.101,209.18.47.62,68.94.157.1,71.10.216.1,209.18.47.61,71.10.216.2,8.8.8.8,4.2.2.2,4.2.2.1

    Can someone help me with the syntax?

    Thanks!

    PT

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,497


    There is nothing magic, just a comma separated list WITHOUT SPACES in the DHCP override field.

    I will however point out, this is an absolutely, horrifically terrible idea.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    Dec 2021
    Posts
    5


    Quote, originally posted by sky-knight:
        There is nothing magic, just a comma separated list WITHOUT SPACES in the DHCP override field.
    That field will only take two addresses.

    Quote, originally posted by sky-knight:
        I will however point out, this is an absolutely, horrifically terrible idea.
    Why?

  4. #4
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,943


    Quote, originally posted by PinkTroll:
        Why?
    One reason is clients only look beyond the first item in the list if that item is unavailable when they try it. You really want your first DNS server to be reliable and fast, and anything after that is just for emergencies.

    So if the first item is the DNS server for ISP A, clients routed via ISP B will still use ISP A's (presumably slower) DNS server.

    In a multi-ISP environment you really want to have a local (caching) DNS server (or two for safety; Active Directory makes this easy) and only hand that out to clients.

    Untangle has its own DNS server that can fill this role for you. So hand out Untangle's address as the only DNS server (because if Untangle is not available internet access is down anyway), and set Untangle itself to use whichever of the public DNS servers responds fastest on Untangle's default connection.
    Last edited by jcoehoorn; 12-21-2021 at 08:43 AM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.5 to protect a 1Gbps fiber link for ~450 residential college students and associated staff and faculty

  5. #5
    Newbie
    Join Date
    Dec 2021
    Posts
    5


    That makes sense!

    Thank you for explaining that.

    So how would I set up Untangle clients to use the right DNS server for the connection they're using?

    EDIT: Never mind, the outside interfaces learned the ISP-specific DNS servers from the modems they're connected to.
    This should happen automatically.
    Last edited by PinkTroll; 12-21-2021 at 10:20 AM.

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,497


    You don't, and therein lies the problem.

    All clients will simply use the list of provided servers in order, and wait for timeouts when things do not work.

    Which is why you have to have a SERVER doing the choosing, and you let it do its job. And yes, Untangle does all this by default.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangler
    Join Date
    Nov 2019
    Posts
    45


    If you care that much about DNS response times, take a look at https://www.grc.com/dns/benchmark.htm; it'll find the currently best performing servers for your current connection.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,497


    Quote, originally posted by ncksh:
        If you care that much about DNS response times, take a look at https://www.grc.com/dns/benchmark.htm; it'll find the currently best performing servers for your current connection.
    For the record, my comments here actually aren't concerned about the response times. ISP DNS servers often do not respond AT ALL to queries that do not come from inside their networks.

    DNS Timeouts? That's how you have a VERY bad day!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
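
The design the replies above describe (DHCP clients get one local caching resolver, and that resolver chooses the upstream per WAN link), sketched as a plain dnsmasq configuration. This is an added example, not from any poster and not the configuration Untangle generates; the interface names, LAN addressing and the pairing of each resolver address with a WAN link are assumptions.

```conf
# Added example. Interface names, LAN addresses and the mapping of
# resolver address to WAN link are assumed, not taken from the thread.

# LAN side: answer DNS and DHCP on the inside interface only.
# eth2 is the assumed LAN interface, 192.168.1.0/24 the assumed LAN.
interface=eth2
dhcp-range=192.168.1.100,192.168.1.200,12h

# Hand clients exactly one resolver: this box (assumed 192.168.1.1).
# If the box is down, internet access is down anyway.
dhcp-option=option:dns-server,192.168.1.1

# The approach the thread advises against: a long list pushed to
# clients. Clients walk it in order and wait out a timeout on every
# server that does not answer over the link they happen to use.
#dhcp-option=option:dns-server,68.94.156.1,209.18.47.61,8.8.8.8

# Upstream side: do not read /etc/resolv.conf, list servers here.
no-resolv

# Bind each ISP resolver to the WAN interface of that ISP, so the query
# leaves from inside the network the resolver is willing to answer.
# eth0 is the assumed first WAN link, eth1 the assumed second.
server=68.94.156.1@eth0
server=209.18.47.61@eth1

# A public resolver that answers regardless of which link is used.
server=8.8.8.8

# Send each query to every upstream and return the first reply, so a
# dead link or silent resolver costs no client-visible timeout.
all-servers

# Cache answers locally.
cache-size=1000
```

The `@interface` suffix on `server=` depends on platform support for binding a socket to a device; `dnsmasq --test` checks the file's syntax before a restart.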
