Template:Networking rutos manual dns: Difference between revisions

no edit summary
(10 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Template: Networking_rutos_manual_fw_disclosure
{{Template: Networking_device_manual_fw_disclosure
| fw_version = {{{series}}}_R_00.02.06.1
| series = {{{series}}}
| series     = {{{series}}}
| name  = {{{name}}}
| fw_version ={{Template: Networking_device_manual_latest_fw
| series = {{{series}}}
| name  = {{{name}}}
}}
}}
}}


__TOC__
==Summary==
==Summary==


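Review bot: In the disclosure template call at the top of the page, the pinned `fw_version = {{{series}}}_R_00.02.06.1` is replaced by a nested `Networking_device_manual_latest_fw` call, so the page no longer records which firmware its field tables were checked against. If that template resolves to the newest release, as its name suggests, the disclosure will claim currency for every later firmware without the fields being re-verified. Consider keeping an explicit verified-against version next to it, or stating in the edit summary that the tables were re-checked.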
Line 18: Line 23:
The <b>General Settings</b> section is used to set up the main DNS parameters. Refer to the table below for information on each configuration field.
The <b>General Settings</b> section is used to set up the main DNS parameters. Refer to the table below for information on each configuration field.


[[File:Networking_rutos_manual_dns_general_settings.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_dns_general_settings_v2.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
Line 27: Line 32:
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Domain required</td>
         <td>Log queries</td>
         <td>off | on; default: <b>on</b></td>
         <td>off {{!}} on; default: <b>off</b></td>
         <td>When enabled, stops forwarding queries for plain names, without dots or domain parts, to upstream nameservers. If the name is not known from <i>/etc/hosts</i> or DHCP then a "not found" answer is returned.</td>
         <td>Write received DNS requests to syslog.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Local server</td>
         <td>DNS forwardings</td>
         <td>string; default: <b>/lan/</b></td>
         <td>Hostname (domain name) {{!}} IP address (ip); default: <b>none</b></td>
         <td>Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files (<i>/etc/hosts</i>) only.</td>
         <td>List of DNS servers to forward requests to. See the dnsmasq -S option man page for syntax details.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Local domain</td>
         <td>Addresses</td>
         <td>domain name; default: <b>lan</b></td>
         <td>Hostname (domain name) {{!}} IP address (ip); default: <b>none</b></td>
        <td>Local domain suffix appended to DHCP names and hosts file entries.</td>
         <td>List of IP addresses for queried domains. See the dnsmasq -A option man page for syntax details.</td>
    </tr>
    <tr>
        <td>Log queries</td>
        <td>off | on; default: <b>off</b></td>
        <td>When enabled, write received DNS requests to syslog.</td>
    </tr>
    <tr>
        <td>DNS forwardings</td>
        <td>string; default: <b>none</b></td>
         <td>List of DNS servers to forward requests to.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Rebind protection</td>
         <td>Rebind protection</td>
         <td>off | on; default: <b>on</b></td>
         <td>off {{!}} on; default: <b>on</b></td>
         <td>Discards upstream RFC1918 responses. When enabled, the device will not resolve domain names for internal hosts.</td>
         <td>Discards upstream RFC1918 responses. When enabled, the device will not resolve domain names for internal hosts.</td>
    </tr>
    <tr>
        <td>Allow localhost</td>
        <td>off | on; default: <b>on</b></td>
        <td>Allow upstream responses in the 127.0.0.0/8 range. For example, for RBL services.</td>
    </tr>
    <tr>
        <td>Domain whitelist</td>
        <td>domain name(s); default: <b>none</b></td>
        <td>List of domains to allow RFC1918 responses for.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Local Service Only</td>
         <td>Local Service Only</td>
         <td>off | on; default: <b>off</b></td>
         <td>off {{!}} on; default: <b>off</b></td>
         <td>Limit DNS service to subnets and interfaces on which this device is serving as a DNS server.</td>
         <td>Limit DNS service to subnets interfaces on which we are serving DNS.</td>
    </tr>
    <tr>
        <td>Non-wildcard</td>
        <td>off | on; default: <b>on</b></td>
        <td>Binds only to specific interfaces rather than wildcard address.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Listen Interfaces</td>
         <td>Listen Interfaces</td>
         <td>network interface(s); default: <b>none</b></td>
         <td>network interface(s); default: <b>none</b></td>
         <td>Limits listening for DNS queries to interfaces specified in this field and loopback. Leave empty to listen on all interfaces.</td>
         <td>Limit DHCP and DNS requests listening to these interfaces, and loopback. Leave empty to listen on all interfaces.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Exclude Interfaces</td>
         <td>Exclude Interfaces</td>
         <td>network interface(s); default: <b>none</b></td>
         <td>network interface(s); default: <b>none</b></td>
         <td>Prevents listening for DNS queries on interfaces specified in this field. Leave empty to listen on all interfaces.</td>
         <td>Prevent DHCP and DNS requests listening on these interfaces. Leave empty to listen on all interfaces.</td>
     </tr>
     </tr>
</table>
</table>


==Resolve and Hosts Files==
===Advanced Settings===


The <b>Resolve and Hosts Files</b> section is used to configure the usage of these files:
The <b>Advanced Settings</b> section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.
 
<ul>
    <li><b><i>/etc/hosts</i></b> - the hosts file; contains hostname/IP address combinations for DNS hostname resolution; it is always checked first;</li>
    <li><b><i>/etc/resolv.conf</i></b> - the resolve file; contains instructions that state the default search domain(s) that are used to complete a received query name into a fully qualified domain name (FQDN) when no domain suffix is provide.<br>Also contains a list of nameserver IP addresses for hostname resolution (DNS servers);</li>
    <li><b><i>/tmp/resolv.conf.auto</i></b> - alternative resolve file, used for public hostname resolutions. The path to this file can be changed from this section.</li>
</ul>
 
Refer to the table below for information on each configuration field.


[[File:Networking_rutos_manual_dns_resolve_and_hosts_files.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_dns_advanced_settings_v2.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
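Review bot: In the General Settings table, the Rebind protection row is kept but the Allow localhost and Domain whitelist rows are removed, so the page no longer documents how to permit 127.0.0.0/8 or RFC1918 answers for selected domains while protection stays on. If those fields still exist in the interface, keep their rows; if they were dropped, say so in the Rebind protection description, because the only remaining documented remedy for a blocked internal name is switching protection off. Smaller points in the same table: the new Local Service Only text reads "subnets interfaces" (the "and" was lost), and the Listen Interfaces and Exclude Interfaces descriptions now mention DHCP requests on a DNS page without explaining why.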
Line 109: Line 81:
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Ignore resolve file</td>
         <td>Filter private</td>
         <td>off | on; default: <b>off</b></td>
         <td>off {{!}} on; default: <b>on</b></td>
         <td>When enabled, doesn't read upstream servers from <i>/etc/resolv.conf</i> which is linked to the resolve file by default.</td>
         <td>Do not forward reverse lookups for local networks.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Resolve file</td>
         <td>Localise queries</td>
         <td>text file; default: <b>none</b></td>
         <td>off {{!}} on; default: <b>on</b></td>
         <td>Specifies an alternate DNS resolve file to use instead of the default one (<i>/tmp/resolv.conf.auto</i>).</td>
         <td>Localise hostname depending on the requesting subnet if multiple IPs are available.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Ignore /etc/hosts</td>
         <td>Additional servers file</td>
         <td>off | on; default: <b>off</b></td>
         <td>text file; default: <b>none</b></td>
         <td>Local domain suffix appended to DHCP names and hosts file entries.</td>
         <td>Uploads an additional DNS servers file. This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for domain-specific or full upstream DNS servers.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Additional Hosts files</td>
         <td>Size of DNS query cache</td>
         <td>text file; default: <b>none</b></td>
         <td>integer [0..10000]; default: <b>none</b></td>
         <td>Uploads a hosts files to use in addition to <i>/etc/hosts</i>.</td>
         <td>Number of cached DNS entries (max is 10000, 0 is no caching).</td>
     </tr>
     </tr>
</table>
</table>


==Advanced Settings==
==HTTPS DNS Proxy==
 
Light-weight DNS-over-HTTPS, non-caching translation proxy for the RFC 8484 DoH standard. It receives regular (UDP) DNS requests and resolves them via DoH resolver.
 
<b>Note:</b> IGMP Proxy is additional software that can be installed from the <b>System → [[{{{name}}} Package Manager|Package Manager]]</b> page.
 
===HTTPS DNS proxy configuration===


The <b>Advanced Settings</b> section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.
The <b>HTTPS DNS proxy configuration</b> section is used to enable the service. Refer to the table below for information on each configuration field.


[[File:Networking_rutos_manual_dns_advanced_settings.png|border|class=tlt-border]]
[[File:Networking_rutos_manual_https_dns_proxy.png|border|class=tlt-border]]


<table class="nd-mantable">
<table class="nd-mantable">
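Review bot: The note under the new ==HTTPS DNS Proxy== heading names the wrong package: it reads "IGMP Proxy is additional software that can be installed from the System → Package Manager page", which looks carried over from another manual page. It should name the HTTPS DNS Proxy package so readers install the right one. Also in this hunk, the Resolve file, Ignore resolve file, Ignore /etc/hosts and Additional Hosts files rows disappear together with the Resolve and Hosts Files section intro; if any of those fields remain in the interface, they need a home in the new Advanced Settings table.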
Line 143: Line 121:
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Filter private</td>
         <td>Enable</td>
         <td>off | on; default: <b>on</b></td>
         <td>off {{!}} on; default: <b>off</b></td>
         <td>Do not forward reverse lookups for local networks.</td>
         <td>Enables HTTPS DNS proxy configuration.</td>
     </tr>
     </tr>
</table>
===DNS over HTTPS resolvers===
The <b>DNS over HTTPS resolvers</b> section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.
[[File:Networking_rutos_manual_dns_over_https_resolvers.png|border|class=tlt-border]]
<table class="nd-mantable">
     <tr>
     <tr>
         <td>Filter useless</td>
         <th>Field</th>
         <td>off | on; default: <b>off</b></td>
         <th>Value</th>
         <td>When disabled, does not forward requests that cannot be answered by public name servers.</td>
         <th>Description</th>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Localise queries</td>
         <td>Preset</td>
         <td>off | on; default: <b>on</b></td>
         <td>Custom {{!}} Google {{!}} CloudFlare; default: <b>CloudFlare</b></td>
         <td>Localise hostname depending on the requesting subnet if multiple IPs are available.</td>
         <td>Presets for popular DNS over HTTPS resolvers. Use "Custom" to set your resolver.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Expand hosts</td>
         <td>Bootsrap DNS</td>
         <td>off | on; default: <b>on</b></td>
         <td>IPv4/IPv6 address; default: <b>depends on the service provider</b></td>
         <td>Adds local domain suffix to names served from the hosts file(s).</td>
         <td>This DNS is used for the initial "Resolver URL" resolve.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>No negative cache</td>
         <td>Resolver URL</td>
         <td>off | on; default: <b>off</b></td>
         <td>url; default: <b>depends on the service provider</b></td>
         <td>When disabled, does not cache negative replies, i.e., "no such domain" responses.</td>
         <td>Resolver URL.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Additional servers file</td>
         <td>Port</td>
         <td>text file; default: <b>none</b></td>
         <td>integer [1..65535]; default: <b>depends on the service provider</b></td>
         <td>Uploads an additional DNS servers file. This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for domain-specific or full upstream DNS servers.</td>
         <td>Internal port used for this resolver. Change only if it collides with existing ports on this device.</td>
     </tr>
     </tr>
     <tr>
     <tr>
         <td>Strict order</td>
         <td>Actions</td>
         <td>off | on; default: <b>off</b></td>
         <td>-interactive button; default: <b>Delete</b></td>
         <td>When enabled, DNS servers will be queried in the order of the resolve file.</td>
         <td>Deletes the preset.</td>
    </tr>
    <tr>
        <td>All Servers</td>
        <td>off | on; default: <b>off</b></td>
        <td>When enabled, queries all available upstream DNS servers.</td>
    </tr>
    <tr>
        <td>Bogus NX Domain Override</td>
        <td>ip; default: <b>none</b></td>
        <td>List of hosts that supply bogus NX domain results.</td>
    </tr>
    <tr>
        <td>DNS server port</td>
        <td>integer [0..65535]; default: <b>none</b></td>
        <td>Listening port for inbound DNS queries.</td>
    </tr>
    <tr>
        <td>DNS query port</td>
        <td>integer [0..65535]; default: <b>none</b></td>
        <td>Fixed source port for outbound DNS queries.</td>
    </tr>
    <tr>
        <td>Max. EDNS0 packet size</td>
        <td>integer [0..9999999999999999]; default: <b>none</b></td>
        <td>Maximum allowed size of Extension Mechanisms for Domain Name System.0 UDP packets.</td>
    </tr>
    <tr>
        <td>Max. concurrent queries</td>
        <td>integer [0..9999999999999999]; default: <b>none</b></td>
        <td>Maximum allowed number of concurrent DNS queries.</td>
    </tr>
    <tr>
        <td>Size of DNS query cache</td>
        <td>integer [0..10000]; default: <b>none</b></td>
        <td>Number of cached DNS entries. Set to 0 for no caching.</td>
     </tr>
     </tr>
</table>
</table>
<b>Note:</b> If more than one resolver is specified then the first is used as the main one and others are used as failovers.


[[Category:{{{name}}} Network section]]
[[Category:{{{name}}} Network section]]
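Review bot: In the new DNS over HTTPS resolvers table the field name is misspelled "Bootsrap DNS" and should read "Bootstrap DNS". The section intro above it is the Advanced Settings sentence reused verbatim ("used to set up some of the more specific DNS parameters") and the Resolver URL description only repeats the field name; both should describe the resolver list itself, including the expected URL form for a Custom preset. The Bootstrap DNS description should also state whether that initial "Resolver URL" lookup is sent as regular DNS, since that is what a reader enabling DoH will want to know. The Actions value has a stray leading hyphen ("-interactive button").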