
Re: Forwarding / Tunnelling DNS



On Tuesday 19 April 2005 11:42 am, Herbie wrote:
> Never too sure on my nomenclature.
>
> My ISP captures all DNS traffic, so no matter what DNS server I may have
> set in resolv.conf I always am using their DNS servers, this would be OK,
> except they keep failing, and I am left with a working net link but no
> DNS service.
>
> I have a machine in the outside world, that I can use for DNS lookups (no
> DNS server on it, but it's outwith my ISP's control).
>
> I'm thinking the easiest way to do this is run a DNS server on my home
> network, that just contacts this box via a non-standard port for DNS
> lookups.
>
> I've been looking at djbdns and pdnsd as options, neither seems to do
> exactly what I need.
>
> What's the easiest way to do this? If I'm overengineering this, and could
> achieve the same using iptables on my firewall, let me know.

You could use iptables to change the destination port (and address) on 
outgoing DNS requests, then use iptables (or similar) on the 
outside-the-ISP host to redirect that non-standard port to the DNS server of 
your choice.  That'd save you the hassle of running a local DNS, but the 
caching benefits might outweigh the setup hassle.

Or you could let the ISP know that their DNS servers don't work, and that 
it's therefore a bad idea to send all queries to said servers. :)

--Danny
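The two-hop redirect Danny sketches, written out as an added example (this is not code from the thread; the interface name, addresses and port are placeholders I chose, and the functions only print the iptables commands so they can be reviewed before being piped to sh on each box):

```shell
#!/bin/sh
# Added example, not from the original post. LAN interface, addresses and
# the alternate port are assumed placeholders; adjust for your own network.

# Home firewall: rewrite port-53 DNS leaving the LAN so it goes to the
# outside-the-ISP host on a port the ISP does not intercept.
home_firewall_rules() {
    lan_if="$1"      # interface facing the home LAN, e.g. eth1 (assumed)
    ext_host="$2"    # address of the box outside the ISP's control
    alt_port="$3"    # non-standard port carrying the DNS traffic
    for proto in udp tcp; do
        # Traffic forwarded from LAN hosts passes PREROUTING.
        echo "iptables -t nat -A PREROUTING -i $lan_if -p $proto --dport 53 -j DNAT --to-destination $ext_host:$alt_port"
    done
    for proto in udp tcp; do
        # Queries from the firewall itself pass OUTPUT, not PREROUTING.
        echo "iptables -t nat -A OUTPUT -p $proto --dport 53 -j DNAT --to-destination $ext_host:$alt_port"
    done
}

# Outside host: accept the non-standard port from the home address only and
# hand it on to a real resolver on port 53. The MASQUERADE rule makes the
# resolver reply to this box, so the reply is un-NATed and returns to the
# home firewall from ext_host:alt_port, where its conntrack entry expects it.
outside_host_rules() {
    alt_port="$1"
    upstream_dns="$2"  # resolver of your choice, outside the ISP
    home_ip="$3"       # public address of the home link; keeps this from being an open relay
    for proto in udp tcp; do
        echo "iptables -t nat -A PREROUTING -s $home_ip -p $proto --dport $alt_port -j DNAT --to-destination $upstream_dns:53"
    done
    for proto in udp tcp; do
        echo "iptables -t nat -A POSTROUTING -d $upstream_dns -p $proto --dport 53 -j MASQUERADE"
    done
    # Forwarding must be enabled for the DNATed packets to leave again.
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# Usage (addresses are documentation ranges, not real hosts):
#   home_firewall_rules eth1 203.0.113.10 5353 | sh      # on the home firewall
#   outside_host_rules 5353 198.51.100.53 192.0.2.7 | sh  # on the outside box
home_firewall_rules eth1 203.0.113.10 5353
outside_host_rules 5353 198.51.100.53 192.0.2.7
```

Two points worth checking before relying on this: the source restriction on the outside host matters, because without it the box becomes an open DNS relay for anyone who finds the port; and the MASQUERADE step is not optional, since a reply coming straight from the resolver on port 53 would both fail the home firewall's conntrack match and be just as interceptable as the original query.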

-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.