Go to Network Tools
Select the "DNS Records" option. By default, your external IP is currently in the search box. Click the "Go!" button. This will show you all the DNS records including the official IP address of your ISP's name servers.
Here's an example:
Retrieving DNS records for ip-xxx.xx.xx.xx.xdsl.xnet.co.nz...
DNS servers
ns3.wxnz.net [113.20.11.209]
ns2.wxnz.net [58.28.6.2]
ns1.wxnz.net [58.28.4.2]
Answer records
ip-xxx.xx.xx.xx.xdsl.xnet.co.nz A xxx.xx.xx.xx 3600s
Authority records
xnet.co.nz NS ns1.wxnz.net 3600s
xnet.co.nz NS ns2.wxnz.net 3600s
xnet.co.nz NS ns3.wxnz.net 3600s
Additional records
ns1.wxnz.net A 58.28.4.2 300s
ns2.wxnz.net A 58.28.6.2 300s
ns3.wxnz.net A 113.20.11.209 300s
ns1.wxnz.net 28 [16 bytes] 300s
ns2.wxnz.net 28 [16 bytes] 300s
ns3.wxnz.net 28 [16 bytes] 300s
However, you may also find it better to browse the help pages for your ISP. They usually publish what numbers should be used for DNS. What you find using Network Tools is actually the IP addresses of the DNS servers that serve the hostnames for your ISP's domain. They may have other caching DNS servers with different IPs that you should use for resolving DNS queries on the internet.
EDIT
I think I'd better point out the difference between a straight nameserver and a caching recursive nameserver or DNS Cache.
A nameserver simply responds to name queries for the records that it is responsible for.
In the case of an ISP, it's only for the ISP's domain and those that have been delegated to it.
A caching recursive nameserver is a server that'll actually resolve addresses on behalf of the one querying it, and those can be outside of the ones delegated to the server.
BIND, the most common nameserver on the internet, combines both functions. It's both a nameserver and a recursive nameserver.
There is a lot of DNS terminology going around and many names for the same thing. But basically, one just answers for its domains, while another will answer for other domains too. That's why you can often get away with pointing your DNS queries at your ISP's authoritative DNS servers. Don't do that though; use the IPs they give you or allow DHCP to do it.
So, my first answer to your question "How do I determine the IP address of your ISP's nameserver" is correct. BUT, I think "How do I determine the IP address of my ISP's DNS Cache?" is probably what you want.
Hopefully, the answer is found published on your ISP's website in the help or support pages. This should also be set through DHCP in your modem/router and can be viewed in its built-in web page or through the device's command line.
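The difference between a nameserver that only answers for its own zones and a caching recursive one is visible in the header flags of a DNS reply. The Python sketch below is an added example, not part of the original answer: it reads the AA, RA and RCODE fields; the function names and the constructed sample headers are illustrative, and probe() is the only part that needs network access.

```python
import secrets
import socket
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # header flag bits (RFC 1035)

def build_query(name, txid):
    """Build an A-record query for `name` with recursion desired (RD=1)."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, RD, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def classify_response(packet):
    """Name the role a server played, judged from the response header alone."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    flags = struct.unpack("!H", packet[2:4])[0]
    if not flags & QR:
        raise ValueError("QR bit clear: a query, not a response")
    if (flags & 0x000F) == 5:
        return "refused"        # REFUSED: will not serve this name to us
    if flags & AA:
        return "authoritative"  # answered from zone data it is responsible for
    if flags & RA:
        return "recursive"      # offers to resolve names outside its own zones
    return "referral"           # neither: it only points at other servers

def probe(server, name, timeout=3.0):
    """Send one UDP query to `server` and classify the reply (needs network)."""
    txid = secrets.randbelow(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (server, 53))
        reply, _ = sock.recvfrom(512)
    if reply[:2] != struct.pack("!H", txid):
        raise ValueError("reply does not match our transaction ID")
    return classify_response(reply)

def make_header(flags, answers=0, authority=0):
    """Constructed 12-byte response header for the offline samples below."""
    return struct.pack("!6H", 0x1234, QR | flags, 1, answers, authority, 0)

# Constructed samples, one per behaviour the answer distinguishes.
SAMPLES = {
    "own zone": make_header(AA | RD, answers=1),       # ISP name, ISP nameserver
    "outside, refused": make_header(RD | 5),           # authoritative-only server
    "outside, cached": make_header(RD | RA, answers=1),  # the ISP's DNS cache
    "outside, referral": make_header(RD, authority=13),
}
```

A server that returns "refused" or "referral" for names outside the ISP's domain is not the DNS cache and should not be configured as a resolver.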
I have quite a bit of experience with dnsmasq on dd-wrt and especially close to the date of this comment. I can share with you my working solution to each of the answers to each requirement. I will resist adding more.
Each option in your active /tmp/dnsmasq.conf posted above comes directly from the config options you have selected as described, except for your hostname= entry, which you should not use imo. You want Used Domain: [WAN/LAN], not Used Domain [WAN]. This will allow wired (LAN) and wireless (WAN) devices to work on your network.
Also pick a short Lan Domain: [dom ] or any short word besides local. Some use lan, some use localdomain. This is required for your requirements and will provide an anchor faux internal only domain that only you and internal users will see/use. The value you choose will be put into each DHCP client's search dom resolver. I will use dom for the remainder but you can make it whatever you like.
I will start with the first two requirements.
DNS queries from the LAN/WLAN for hosts on the LAN/WLAN should be answered for both short names and FQDNs.
Since some of the devices are portable (like my phone), I need host.mydyndomain.net to resolve to a LAN IP when connected to the LAN and to the external IP when queried from outside the LAN.
For hosts having a different internal vs external ip but the same name on both sides of dd-wrt you need to have:
- Add one line per resolvable host in your Static Leases just below your correctly empty Additional DHCP Options text area. Note the internal name web.dom or just web is for convenience when on the lan.
Note:
[Static Leases++++++++++++++++++++++++++++++++++++++++++++++++++++++++]
[MAC Address] [Host Name ][IP Address ][Client Lease Time]
[00:19:B9:5B:2B:A5] [web ][192.168.2.5 ][ 1440]
Notes: I thought this was used only for udhcpcd but this is also used by dnsmasq and will write both the actual dnsmasq.conf with correct dhcp-host= lines and puts an ip host.dom entry for each in /tmp/hosts used by DNSMasq to do all the local name resolution.
I have a script and text file to create these entries as the web interface is a bit cumbersome. Here's what the script does in a nutshell.
macToHostNames.txt:
# comment lines ignored unless embedded set:tag values like set:kids
# note the ip is just the HOST portion of the subnet, eg: 192.168.1.32 -> 1.32
# host id mac address cnames/aliases for same box
kidhost1 1.32 00:MA:CA:DD:E5 alias1 nabi2 # in-line comment set:kid
web 1.5 00:AM:AC:AD:ES www homeweb # web server with aliases
EOF
generate_Files_Then_Send_Then_Activate_If_Tests_Are_Ok.sh < macToHostNames.txt
# this script file creates 3 files which are sent along with a test script:
dnsmasq_options.new # nvram set dnsmasq_options="$(cat dnsmasq_options.new)"
static_leases.new # nvram set static_leases="$(cat static_leases.new)"
static_leasenum.new # nvram set static_leasenum="$(cat static_leasenum.new)"
testDnsMasqOpts.sh # scp -p *.new test*.sh admin@gw:/tmp && ssh admin@gw "/tmp/test*.sh"
- Add address=/web.dynip.org/<ip> lines in your DNSMasq Options box:
address=/web.mydyndomain.net/192.168.2.5 # add as many of these as you need
- Finally, you need to update your DDNS config to provide the DDNS service mapping your external ISP provided dynamic ip address to resolve as web.mydyndomain.net. I presume you have successfully configured this part.
With this configuration, ping web or ping web.dom or ping web.mydyndomain.net will return 192.168.2.5 while inside the firewall, and access from outside by the name web.mydyndomain.org still works.
The other requirements are met by your other config but you can safely add these lines as I have tested MANY times (to the point of writing a script to execute one dnsmasq line at a time and showing me the offending line since ALL dns logging is left out for space in my latest dnsmasq build and all you can rely on is the return status of the dnsmasq: $?).
For the last requirements I will show you lines of my config with comments (note you can put comments in the DNSMasq Additional Options box).
- Queries for DHCP leased hosts are being correctly returned (dd-wrt's "Local DNS" option for dnsmasq).
- Queries to any random non-existent host incorrectly return the external WAN IP address. So, "nslookup foobarbaz" gives a result when it should return an error.
domain-needed # dont fwd to ext DNS names with no domain
address=/web.mydnsdomain.org/192.168.2.5 # resolve to this internally!
expand-hosts # add .dom to host names without a domain
local=/dom/ # map all host.dom request to *this* dns
bogus-priv # reject local lookups not in hosts
localise-queries # for local servers
I will throw in some non-related freebies of questionable value (and for offsite backup).
no-ping # some swear by this one to get DNSMasq to work!
filterwin2k # junk from MSFT boxen (remove this if ldap SRV used)
cache-size=3000 # fast local DNS lookups
clear-on-reload # clear ifr.c changes and sig received
To limit the number of DNS servers, you can use dhcp-option=6 as follows:
dhcp-option=lan,6,8.8.8.8 # this will send only one nameserver entry for all hosts
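A generator for the host list format described earlier in this answer (macToHostNames.txt), added here as an example and not the author's script: it emits dnsmasq dhcp-host= lines and hosts-file entries, and rejects fields that would corrupt the generated config. Assumptions: the 192.168. prefix, handling of inline set:tag values only, and the sample MAC addresses, which are constructed.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")
NAME_RE = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
TAG_RE = re.compile(r"\bset:([A-Za-z0-9_-]+)")

def parse_line(line, prefix="192.168."):
    """Parse 'host id mac [aliases] [# comment set:tag]'; None if no fields."""
    body, _, comment = line.partition("#")
    fields = body.split()
    if not fields:
        return None
    if len(fields) < 3:
        raise ValueError(f"need host, id and mac: {line!r}")
    host, host_id, mac, *aliases = fields
    ip = ipaddress.IPv4Address(prefix + host_id)  # raises ValueError if invalid
    if not MAC_RE.match(mac):
        raise ValueError(f"bad MAC {mac!r}")
    for name in [host, *aliases]:
        if not NAME_RE.match(name):  # blocks ',' and other config separators
            raise ValueError(f"bad hostname {name!r}")
    tag = TAG_RE.search(comment)
    return {"host": host, "ip": str(ip), "mac": mac.lower(),
            "aliases": aliases, "tag": tag.group(1) if tag else None}

def render(text):
    """Return (dhcp-host lines, hosts-file lines, rejected (lineno, reason))."""
    dhcp, hosts, rejected = [], [], []
    for n, line in enumerate(text.splitlines(), 1):
        try:
            e = parse_line(line)
        except ValueError as err:
            rejected.append((n, str(err)))
        else:
            if e:
                tag = f"set:{e['tag']}," if e["tag"] else ""
                dhcp.append(f"dhcp-host={e['mac']},{tag}{e['host']},{e['ip']}")
                hosts.append(" ".join([e["ip"], e["host"], *e["aliases"]]))
    return dhcp, hosts, rejected

# Constructed sample input (MACs are made-up, locally administered addresses).
SAMPLE = """\
# host   id   mac               aliases
kidhost1 1.32 02:00:00:AA:BB:01 alias1 nabi2  # tablet set:kid
web      1.5  02:00:00:AA:BB:02 www homeweb   # web server
bad      1.9  00:MA:CA:DD:E5                  # malformed MAC is rejected
evil,x   1.7  02:00:00:AA:BB:03               # comma would inject a field
"""
```

The hosts-file lines carry short names only; the expand-hosts option shown above appends the local domain to them.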
Best Answer
First of all, please clean up your configuration. Is your eth0 interface supposed to be configured with a static IP address or with DHCP? If static, why are you running dhclient? If DHCP, why does /etc/network/interfaces list static IP parameters and iface eth0 inet static instead of iface eth0 inet dhcp? Also, there is no reason you would need to add a default route via your up route command since you already specified the default route as the gateway parameter.
Now keep in mind that as per the name, prepend domain-name-servers adds DNS servers to the list that is supplied by the DHCP server. It doesn't replace them.
I recommend that, instead of asking dhclient to customize the name servers you want to use, use the resolvconf framework instead. resolvconf coordinates all of the different possible sources of DNS nameserver information (including separate DHCP clients running on one or more network interfaces, local DNS servers you want to use as resolvers, and static configuration) and centralizes the building of a single coherent /etc/resolv.conf file. It's much better than letting several different things manage /etc/resolv.conf and have them stomp over each other trying to do it.
Install the resolvconf package if it isn't already installed. This will automatically disable dhclient's direct mucking with the /etc/resolv.conf file.
Now your requirement is that you don't want to use the nameserver(s) provided by the DHCP server, so comment the line that reads eth* in /etc/resolvconf/interface-order. Be sure to also comment the last line of the file that reads *, otherwise eth0 will still be considered.
Next, you want to use a set of statically provisioned nameservers instead. Since they're system-global (not related to the state of any given interface), you can add them as nameservers on the lo interface in /etc/network/interfaces:
And then ifdown lo; ifup lo to activate this.