Re: Can't find the DNS Servers
On Wed, Oct 04, 2017 at 11:59:04AM -0500, David Wright wrote:
> On Wed 04 Oct 2017 at 09:11:37 (+0300), Reco wrote:
> > Hi.
> > On Tue, Oct 03, 2017 at 01:30:11PM -0700, Gary Roach wrote:
> > > OK Rico> I followed your instructions and still have the same problem.
> > > Attached are the new files. Already installed were isc-dhcp-client and
> > > resolvconf. You are right about the br1 entry not being needed. the virtual
> > > machine works fine without it.
> > So, what we have now is a definite improvement over the last time, but
> > some twists are needed.
> > While "dns-nameserver" stanzas are working now, your DHCP server also
> > advertises its own:
> > > # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
> > > # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
> > > nameserver 192.168.1.1
> > > nameserver 188.8.131.52
> > > nameserver 184.108.40.206
> > A correct way to fix this is to "persuade" your DHCP server not to
> > provide DNS information.
> > Even more correct way is to force your DNS-at-DHCP to use 220.127.116.11 as
> > forwarder DNS.
> > Since it's unnaturally complex to do so in a consumer-grade routers, a
> > hack is in order.
> But won't that send local host lookups to google which won't have a clue?
Why won't it have a clue?
"Four eights" is a huge pool of public resolvers. "Free" to use (in a
Google sense of a word).
An unnamed consumer-grade router will happily pass DNS requests to
anywhere. Unless it's been tinkered with, which is outside of scope of
ISP, of course can:
1) Pass DNS request along, as good ISP should.
2) Route DNS queries to *their* DNS servers. Whenever IPS is abided by
law to do so or merely tries to hijack NXDOMAIN answers to raise some
profit is hardly relevant to the issue.
3) Block DNS requests unless it is going to *their* DNS. Best thing that
can be done about this kind of ISP is contract termination.