Question about DNS

SandLake

I have DNS settings within Windows (Win7) and also in my router. Which ones do I use?

For example if I want to change to use OpenDNS, do I change the settings in Win7 or in my router? - I know I could change both but I am trying to understand how this works. The fact that there are DNC Changer utilities would suggest that it is within windows - so what is the point of the settings in my router?

Maybe the first port of call is within Windows and if the address is resolved then off it goes and gets the site, if not then it moves onto the router, tries to resolve it there, if it finds it off it goes to the site, if not then moves onto ISP DNS Server, and goes through the process again. Is that the way it works?

Johnmcl7

If you want to change all devices on your network to use OpenDNS then you'd only change it on the router as then any devices using the router for DNS will then effectively be using OpenDNS since the router will supply the data from OpenDNS.

If you wanted to test a DNS server without affecting the other machines on your network then you'd only set it on your PC. Your understanding is correct that the PC will try to resolve the address first, then fall back to the router, if the router doesn't have the IP address it will then query the DNS server it's configured for etc. If you configure your PC to use an external DNS server only then it can cause issues resolving addresses within your own network.

John

SandLake

Thank you!

I have been researching this and in general anything I can find is ambiguous but that clears it up.

Cheers

SandLake

Sorry, one further question.

If I want one device (Device A) to use the routers DNS but another device to use it's own DNS how do I ensure that Device A does not use it's own DNS - Think I have just worked that out - "obtain DNS Server address automatically" - Is that right?

Any ideas where that setting is on an Android device?

Johnmcl7

Yes, if you don't specify a DNS server the machine will use whatever it is given by the router which by default is normally the router itself. So the typical settings a router may give out could be 192.168.1.5 for the PC's IP address, 255.255.255.0 for the subnet, 192.168.1.1 for the gateway (the router itself) and 192.168.1.1 for the DNS server (also the router). On a Windows machine if you hold Windows and R to bring up the run box, type cmd then type ipconfig /all and hit return you can see all the currently assigned network information.

So if you change one PC to use the OpenDNS settings and nothing else, the other DHCP devices on the network will continue to get their DNS settings automatically and continue to use the router as a DNS server.

What are you wanting to do on the Android device, set an IP automatically or manually? By default the Android device will get all its network settings from the router, if you want to put then in manually then it will depend on what version of Android you are using and what skin. On a fairly stock Sony, static IP settings are configured by ticking advanced options on the join network dialogue (also brought up by holding your finger on the network name and choosing the modify option)

John

securityguy

Johnmcl7 wrote: »

Your understanding is correct that the PC will try to resolve the address first, then fall back to the router, if the router doesn't have the IP address it will then query the DNS server it's configured for etc.

That's not always true.

Some routers run a recursive resolver. In that case, the router hands out its own IP number as the DNS server to be used by other devices on the network. If all the devices on the network use simple DHCP to obtain their configuration then they will consult their own cache, if they have one, then they will make a query to the router. The router consults its cache and then, if it needs to, passes the request on the ISP, OpenDNS, Google or whatever nameservers. These queries are always recursive, in that they expect a complete answer back, and there are also some significant security concerns about them.

Other routers don't run a recursive resolver. On the surface they are configured the same, in that you input a list of resolvers to the router (or the router obtains them itself from the ISP). However, the router does not hand out its own IP number in DHCP responses, rather it hands out the IP numbers it's been configured with. In that scenario, the clients look in their own cache, and then if that fails, they go straight to the outside world. These have a different set of security problems, but probably overall slightly fewer. On the other hand, the absence of a central cache at the router means you make more outbound queries, which is (slightly) slower.

You can easily tell the difference. If /etc/resolv.conf, the servers listed in IPCONFIG/ALL or whatever contain the IP number of your router, then it's the first scenario. If they contain the IP number of your ISP, OpenDNS or Google's name servers, it's the second.

bluesnake

On your pc, the first dns query is your locally stored 'host' file which may contain a 127.0.0.1 address but that is normally about all.

Perhaps you wish to google 'dnscrypt' and download it. Apparently you can change it from the default opendns settings, but i have not bothered.

SandLake

I am really just keen to understand how it works, I read an article on DNS switching and it got me thinking. I think it is also possible to use certain DNS settings to access foreign websites!

Thanks for all the help

dogmaryxx

This may interest you.

http://www.ghacks.net/2014/02/12/dns-switch-change-dns-servers-click-button/

SandLake

That was the article I had been reading originally - read a few more since then!

Got another question now!

My PC is set to "obtain DNS Server address automatically" so I looked into my router settings and they are set at 0.0.0.0 - so I guess that I am going to my ISP (Plusnet) to 'find' a DNS server - is it better to have these set in my router settings?

droopsnoot

For broadband connections, I always used to set the router to whatever the ISP told me to (which was generally to obtain the addresses from the ISP, even on a static IP connection), and configure the PCs to use the router for the default gateway address, and for the DNS server address. The router would then forward the DNS request to whatever server(s) it was using when it made the connection. I didn't come across a router that wouldn't work that way, but I was told that there are some around.

That said, I always configured the local network with static addresses, not using DHCP, for various local reasons.

The problem with entering the DNS server addresses in your router (or PC) is that if your ISP changes those settings (and disables the old ones), you'll have to edit the router configuration to get the new ones. Granted it's reasonably unlikely that they will change (I think we were with PlusNet for around 8 years and didn't have to change them in that time).