i just replaced my previous router with a WRVS4400N, Firmware Version: V1.1.13-ETSI , and largely it's great. However I really need to stop it from intercepting DNS requests.
I'm running it in router mode with all public address pace, but due to the DNS interception:
1) it's breaking my reverse DNS, which is set up correctly on my ISPs DNS servers
2) it's not letting me query specific external DNS servers.
This is a huge issue as I'm a DNS admin and regularly need to test specific DNS servers, so the router intercepting my requets and providing an answer form some other DNS server is a huge issue.
So is there any way I can prevent this behaviour?
I am looking at your post and trying to figure out what exactly you have going on here. The wrvs4400n does not have dns interception on it. Could you please elaborate a little bit more on your situation. Thank You.
That's odd because it's acting as though it does.
Internally if I look up the IP address of the router I get the following response:
$ host 22.214.171.124
126.96.36.199.in-addr.arpa domain name pointer www.routerlogin.com.
and a failed response for any of the other reverse DNS entries at my ISP, but if I do the same look up externally I get:
$ host 188.8.131.52
184.108.40.206.in-addr.arpa domain name pointer gw.scramworks.net.
Likewise I can do things like the following:
$ host cisco.com 220.127.116.11
Using domain server:
cisco.com has address 18.104.22.168
Which simply shouldn't work, I'll check with my ISP in case they've started doing something odd that coincided with my changing router.
I do have a question for you on this. You stated that you have the router in router mode. If that is the case the firewall on the router is disabled and all it is doing is forwarding traffic. If you have it in gateway mode then the firewall is enabled and might pose an issue. Let me know what mode it is in if you dont mind. Thank You.
Yeah you may be getting the dns interception from something else in the network. With it in router mode the firewall is disabled. Keep me posted on what you turn up on it. Thank You.
Hi I shoved my old Zyxel back into place and DNS behaved as expected, put the WRVS4400N back in and DNS oddness returned.
Have reset it back to factory defaults and reconfigured and tried with both router and gateway mode and same thing.
I get the same result with the internet cable disconnected including by asking non-existant servers, which wouldn't be reachable anyway as it was done when the ADSL link was disconnected.
So as far as I can work out the problems definately the router, I've done the lookups from both Windows XP, 7 and OpenBSD machines, and I've done an rndc flush on the LAN side name server. But given I get the same result when specifying external servers (with the adsl link unplugged) I think it's safe to say it's not an issue with the local DNS server.
Here's the output when the internet cable was unplugged from the router:
$ host -v 22.214.171.124 126.96.36.199
Using domain server:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57071
;; flags: qr; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;188.8.131.52.in-addr.arpa. IN PTR
;; ANSWER SECTION:
184.108.40.206.in-addr.arpa. 3600 IN PTR www.routerlogin.com.
Just as a thought, no idea if it's relevant, I'm also having quite a problem blocking in bound traffic whilst allowing outbound.
Hey scramworks, I consulted with one of our escalation engineers and he stated they are aware of the problem and are working towards a solution. There is no estimated time of a fix on the issue. He stated that if you would like further assistance on this issue that you can call our S-TAC and they can escalate the case to their escalation. Thank You. The support Stac's number is 866-606-1866.
Thanks for the update. I'll stop trying to work out how to turn it off for now then. At least I know it's not soemthing I'd done.
Just had the same problem when upgraded to 1.13. DNS for external sites didn't work any more.
I'm running SBS2008, so the server handles DNS and DHCP requests, instead of the router.
Downgraded to version 1.03 and the problem is solved for now..
I'll give down grading a try then, though as the release notes for the newer firmware states that it resolves an issue with IPv6 that's not really ideal.
But then as currently the router stops forwarding DNS requests once or twice a day, only restarting after I reload the firewall conifg (just clicking save on the firewall tab) it's hardly usable as is.
I'll report back if it works for me as well.
Thanks for the tip.
Down grading to 1.03 did indeed solve the problem. No more DNS interception and no more having to restart the firewall component to get DNS working again at regular intervals.
I have the same problem with firmware V 1.1.13, i can´t use OpenDNS service, any news about the solution?