EdgeRouter DNS Forwarding And The Router's Hostname

SHARE
January 27, 2019
SysAdmin
HOWTO, Networking, Tip

If you’ve ever set up DNS forwarding on a Ubiquiti EdgeRouter and have your own internal authoritative DNS servers, then you may have noticed that it doesn’t quite work right. If you look up the hostname of your router via the EdgeRouter, you’ll always get back an address of 127.0.1.1.

WTF?!

The Problem

EdgeOS makes use of dnsmasq for its DNS server needs. For the most part this works well and is very flexible. It allows you to set up a cached DNS forwarder and do all sorts of nifty DNS routing. Unfortunately, the default options are a little wonky.

By default, dnsmasq will read /etc/hosts and use what it finds there to answer DNS queries. While this may be good for some scenarios, it’s terrible in others. For example, the edgerouter adds default hosts entries for the router itself, that look like this:

127.0.1.1 hyperdrive #vyatta entry
127.0.1.1 hyperdrive.aus.floating.io #vyatta entry

Due to the dnsmasq options, it picks these up and will always answer queries for the router’s hostname with an unreachable loopback IP address.

Because there’s no place like 127.0.1.1…

The Fix

Dealing with this is thankfully simple. Just turn one option on, and you’re set:

ubnt@hyperdrive:~$ configure
[edit]
ubnt@hyperdrive# edit service dns forwarding
[edit service dns forwarding]
ubnt@hyperdrive# set options no-hosts
[edit service dns forwarding]
ubnt@hyperdrive# commit
[edit service dns forwarding]
ubnt@hyperdrive# save
Saving configuration to '/config/config.boot'...
Done

This sets the –no-hosts option on dnsmasq, which prevents it from reading /etc/hosts at all. Now your DNS forwarder will completely ignore anything it finds in there and simply forward the request to your configured DNS servers. It’s also worth noting that the DHCP/DNS integration works through a different mechanism, so that will still work just fine if you choose to use it.

The other suggestions I’ve seen involve setting interface parameters to force a static DNS mapping, but this has the advantage of forwarding the DNS request to your actual nameservers.

Hopefully this will help someone out there. It’s been annoying me for a few days now as I set up my folks’ network…

Previously On
SysAdmin...

Zabbix Agent on Redsleeve

April 30, 2016
SysAdmin
Many of my basic network services live on Raspberry Pi hosts. DNS, DHCP, my yum repository mirrors, my git server… These useful little machines make excellent utility hosts for simple tasks that don’t require much horsepower. But …

Zabbix, varnishstat, and SELinux

April 25, 2016
SysAdmin
In my last post, I discussed using Zabbix to monitor varnish. I said it was easy, and that was mostly true — but it also missed one detail that made the situation a bit more complex. It has nothing to do with Zabbix or Varnish …

Monitoring and Other Mayhem

April 18, 2016
SysAdmin
Yeah, it was an ugly day today. We got a few inches of rain (complete with wild tunderstorms) in just a couple of hours, and the beautiful river I live on has turned to mud as a result. A perfectly cruddy end to a perfectly cruddy …
See more in SysAdmin
Copyright ©2016-2024 floating.io. All rights reserved.