Difference between revisions of "Template:Networking rutos manual dns"

From Teltonika Networks Wiki
(11 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Template: Networking_device_manual_fw_disclosure
+
{{Template:Networking_rutos_manual_fw_disclosure
| series = {{{series}}}
+
| fw_version = {{{series}}}_R_00.02.05.1
| name  = {{{name}}}
+
| series     = {{{series}}}
| fw_version ={{Template: Networking_device_manual_latest_fw
 
| series = {{{series}}}
 
| name  = {{{name}}}
 
}}
 
 
}}
 
}}
  
__TOC__
 
 
==Summary==
 
==Summary==
  
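Review bot: The new fw_version parameter hardcodes a firmware version ("{{{series}}}_R_00.02.05.1") where the removed lines resolved it through Template: Networking_device_manual_latest_fw, so the disclosure will go stale at the next firmware release unless the template is edited by hand. If pinning to this version is intentional, state that in the edit summary; otherwise keep the version lookup in a template.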
Line 23: Line 18:
 
The <b>General Settings</b> section is used to set up the main DNS parameters. Refer to the table below for information on each configuration field.
 
The <b>General Settings</b> section is used to set up the main DNS parameters. Refer to the table below for information on each configuration field.
  
[[File:Networking_rutos_manual_dns_general_settings_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_dns_general_settings.png|border|class=tlt-border]]
  
 
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 30: Line 25:
 
         <th>Value</th>
 
         <th>Value</th>
 
         <th>Description</th>
 
         <th>Description</th>
 +
    </tr>
 +
    <tr>
 +
        <td>Domain required</td>
 +
        <td>off | on; default: <b>on</b></td>
 +
        <td>When enabled, stops forwarding queries for plain names, without dots or domain parts, to upstream nameservers. If the name is not known from <i>/etc/hosts</i> or DHCP then a "not found" answer is returned.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Local server</td>
 +
        <td>string; default: <b>/lan/</b></td>
 +
        <td>Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files (<i>/etc/hosts</i>) only.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Local domain</td>
 +
        <td>domain name; default: <b>lan</b></td>
 +
        <td>Local domain suffix appended to DHCP names and hosts file entries.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Log queries</td>
 
         <td>Log queries</td>
         <td>off {{!}} on; default: <b>off</b></td>
+
         <td>off | on; default: <b>off</b></td>
         <td>Write received DNS requests to syslog.</td>
+
         <td>When enabled, write received DNS requests to syslog.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>DNS forwardings</td>
 
         <td>DNS forwardings</td>
         <td>Hostname (domain name) {{!}} IP address (ip); default: <b>none</b></td>
+
         <td>string; default: <b>none</b></td>
         <td>List of DNS servers to forward requests to. See the dnsmasq -S option man page for syntax details.</td>
+
         <td>List of DNS servers to forward requests to.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
         <td>Addresses</td>
+
         <td>Rebind protection</td>
         <td>Hostname (domain name) {{!}} IP address (ip); default: <b>none</b></td>
+
         <td>off | on; default: <b>on</b></td>
         <td>List of IP addresses for queried domains. See the dnsmasq -A option man page for syntax details.</td>
+
         <td>Discards upstream RFC1918 responses. When enabled, the device will not resolve domain names for internal hosts.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Allow localhost</td>
 +
        <td>off | on; default: <b>on</b></td>
 +
        <td>Allow upstream responses in the 127.0.0.0/8 range. For example, for RBL services.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
         <td>Rebind protection</td>
+
         <td>Domain whitelist</td>
         <td>off {{!}} on; default: <b>on</b></td>
+
         <td>domain name(s); default: <b>none</b></td>
         <td>Discards upstream RFC1918 responses. When enabled, the device will not resolve domain names for internal hosts.</td>
+
         <td>List of domains to allow RFC1918 responses for.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Local Service Only</td>
 
         <td>Local Service Only</td>
         <td>off {{!}} on; default: <b>off</b></td>
+
         <td>off | on; default: <b>off</b></td>
         <td>Limit DNS service to subnets interfaces on which we are serving DNS.</td>
+
         <td>Limit DNS service to subnets and interfaces on which this device is serving as a DNS server.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Non-wildcard</td>
 +
        <td>off | on; default: <b>on</b></td>
 +
        <td>Binds only to specific interfaces rather than wildcard address.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Listen Interfaces</td>
 
         <td>Listen Interfaces</td>
 
         <td>network interface(s); default: <b>none</b></td>
 
         <td>network interface(s); default: <b>none</b></td>
         <td>Limit DHCP and DNS requests listening to these interfaces, and loopback. Leave empty to listen on all interfaces.</td>
+
         <td>Limits listening for DNS queries to interfaces specified in this field and loopback. Leave empty to listen on all interfaces.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Exclude Interfaces</td>
 
         <td>Exclude Interfaces</td>
 
         <td>network interface(s); default: <b>none</b></td>
 
         <td>network interface(s); default: <b>none</b></td>
         <td>Prevent DHCP and DNS requests listening on these interfaces. Leave empty to listen on all interfaces.</td>
+
         <td>Prevents listening for DNS queries on interfaces specified in this field. Leave empty to listen on all interfaces.</td>
 +
    </tr>
 +
</table>
 +
 
 +
==Resolve and Hosts Files==
 +
 
 +
The <b>Resolve and Hosts Files</b> section is used to configure the usage of these files:
 +
 
 +
<ul>
 +
    <li><b><i>/etc/hosts</i></b> - the hosts file; contains hostname/IP address combinations for DNS hostname resolution; it is always checked first;</li>
 +
    <li><b><i>/etc/resolv.conf</i></b> - the resolve file; contains instructions that state the default search domain(s) that are used to complete a received query name into a fully qualified domain name (FQDN) when no domain suffix is provide.<br>Also contains a list of nameserver IP addresses for hostname resolution (DNS servers);</li>
 +
    <li><b><i>/tmp/resolv.conf.auto</i></b> - alternative resolve file, used for public hostname resolutions. The path to this file can be changed from this section.</li>
 +
</ul>
 +
 
 +
Refer to the table below for information on each configuration field.
 +
 
 +
[[File:Networking_rutos_manual_dns_resolve_and_hosts_files.png|border|class=tlt-border]]
 +
 
 +
<table class="nd-mantable">
 +
    <tr>
 +
        <th>Field</th>
 +
        <th>Value</th>
 +
        <th>Description</th>
 +
    </tr>
 +
    <tr>
 +
        <td>Ignore resolve file</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>When enabled, doesn't read upstream servers from <i>/etc/resolv.conf</i> which is linked to the resolve file by default.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Resolve file</td>
 +
        <td>text file; default: <b>none</b></td>
 +
        <td>Specifies an alternate DNS resolve file to use instead of the default one (<i>/tmp/resolv.conf.auto</i>).</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Ignore /etc/hosts</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>Local domain suffix appended to DHCP names and hosts file entries.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Additional Hosts files</td>
 +
        <td>text file; default: <b>none</b></td>
 +
        <td>Uploads a hosts files to use in addition to <i>/etc/hosts</i>.</td>
 
     </tr>
 
     </tr>
 
</table>
 
</table>
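Review bot: The description added for "Ignore /etc/hosts" is a copy of the "Local domain" text ("Local domain suffix appended to DHCP names and hosts file entries.") and does not describe ignoring the hosts file; the row needs its own description. In the same hunk, the "Addresses" row is removed with no replacement, "Ignore resolve file" names /etc/resolv.conf while "Resolve file" gives /tmp/resolv.conf.auto as the default, the "Rebind protection" wording "will not resolve domain names for internal hosts" reads as if local names stop resolving although "Local server" says they are answered from DHCP or hosts files, and there are two typos ("is provide", "a hosts files").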
Line 72: Line 134:
 
The <b>Advanced Settings</b> section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.
 
The <b>Advanced Settings</b> section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.
  
[[File:Networking_rutos_manual_dns_advanced_settings_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_manual_dns_advanced_settings.png|border|class=tlt-border]]
  
 
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 82: Line 144:
 
     <tr>
 
     <tr>
 
         <td>Filter private</td>
 
         <td>Filter private</td>
         <td>off {{!}} on; default: <b>on</b></td>
+
         <td>off | on; default: <b>on</b></td>
 
         <td>Do not forward reverse lookups for local networks.</td>
 
         <td>Do not forward reverse lookups for local networks.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Filter useless</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>When disabled, does not forward requests that cannot be answered by public name servers.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Localise queries</td>
 
         <td>Localise queries</td>
         <td>off {{!}} on; default: <b>on</b></td>
+
         <td>off | on; default: <b>on</b></td>
 
         <td>Localise hostname depending on the requesting subnet if multiple IPs are available.</td>
 
         <td>Localise hostname depending on the requesting subnet if multiple IPs are available.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Expand hosts</td>
 +
        <td>off | on; default: <b>on</b></td>
 +
        <td>Adds local domain suffix to names served from the hosts file(s).</td>
 +
    </tr>
 +
    <tr>
 +
        <td>No negative cache</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>When disabled, does not cache negative replies, i.e., "no such domain" responses.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
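Review bot: The polarity of two added descriptions looks inverted: "Filter useless" and "No negative cache" both read "When disabled, does not ...", which contradicts the field names and would make the default "off" state the one that filters requests or skips negative caching. The rows added elsewhere in this revision use "When enabled, ..."; these two should follow the same pattern.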
Line 94: Line 171:
 
         <td>text file; default: <b>none</b></td>
 
         <td>text file; default: <b>none</b></td>
 
         <td>Uploads an additional DNS servers file. This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for domain-specific or full upstream DNS servers.</td>
 
         <td>Uploads an additional DNS servers file. This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for domain-specific or full upstream DNS servers.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Strict order</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>When enabled, DNS servers will be queried in the order of the resolve file.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>All Servers</td>
 +
        <td>off | on; default: <b>off</b></td>
 +
        <td>When enabled, queries all available upstream DNS servers.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Bogus NX Domain Override</td>
 +
        <td>ip; default: <b>none</b></td>
 +
        <td>List of hosts that supply bogus NX domain results.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>DNS server port</td>
 +
        <td>integer [0..65535]; default: <b>none</b></td>
 +
        <td>Listening port for inbound DNS queries.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>DNS query port</td>
 +
        <td>integer [0..65535]; default: <b>none</b></td>
 +
        <td>Fixed source port for outbound DNS queries.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Max. EDNS0 packet size</td>
 +
        <td>integer [0..9999999999999999]; default: <b>none</b></td>
 +
        <td>Maximum allowed size of Extension Mechanisms for Domain Name System.0 UDP packets.</td>
 +
    </tr>
 +
    <tr>
 +
        <td>Max. concurrent queries</td>
 +
        <td>integer [0..9999999999999999]; default: <b>none</b></td>
 +
        <td>Maximum allowed number of concurrent DNS queries.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
         <td>Size of DNS query cache</td>
 
         <td>Size of DNS query cache</td>
 
         <td>integer [0..10000]; default: <b>none</b></td>
 
         <td>integer [0..10000]; default: <b>none</b></td>
         <td>Number of cached DNS entries (max is 10000, 0 is no caching).</td>
+
         <td>Number of cached DNS entries. Set to 0 for no caching.</td>
 
     </tr>
 
     </tr>
 
</table>
 
</table>
  
 
[[Category:{{{name}}} Network section]]
 
[[Category:{{{name}}} Network section]]
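Review bot: The "DNS query port" row documents a "Fixed source port for outbound DNS queries" with no caveat; pinning the source port removes per-query port randomisation, which makes spoofed replies easier to match, so the description should say to leave the field empty unless a firewall rule requires a fixed port. Also in this hunk, "Extension Mechanisms for Domain Name System.0" looks like a search-and-replace accident for EDNS0, the [0..9999999999999999] ranges for "Max. EDNS0 packet size" and "Max. concurrent queries" are not meaningful limits, and both port rows admit 0 without saying what it does.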

Revision as of 15:35, 1 October 2020

Template:Networking rutos manual fw disclosure

Summary

The DNS page is used to set up how the device utilizes its own and other DNS servers.

This manual page provides an overview of the DNS windows in {{{name}}} devices.

If you're having trouble finding this page or some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Advanced" button, located at the top of the WebUI.

Networking rutos manual webui basic advanced mode 75.gif

General Settings

The General Settings section is used to set up the main DNS parameters. Refer to the table below for information on each configuration field.

Networking rutos manual dns general settings.png

<table class="nd-mantable">
    <tr><th>Field</th><th>Value</th><th>Description</th></tr>
    <tr><td>Domain required</td><td>off | on; default: on</td><td>When enabled, stops forwarding queries for plain names, without dots or domain parts, to upstream nameservers. If the name is not known from /etc/hosts or DHCP then a "not found" answer is returned.</td></tr>
    <tr><td>Local server</td><td>string; default: /lan/</td><td>Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files (/etc/hosts) only.</td></tr>
    <tr><td>Local domain</td><td>domain name; default: lan</td><td>Local domain suffix appended to DHCP names and hosts file entries.</td></tr>
    <tr><td>Log queries</td><td>off | on; default: off</td><td>When enabled, write received DNS requests to syslog.</td></tr>
    <tr><td>DNS forwardings</td><td>string; default: none</td><td>List of DNS servers to forward requests to.</td></tr>
    <tr><td>Rebind protection</td><td>off | on; default: on</td><td>Discards upstream RFC1918 responses. When enabled, the device will not resolve domain names for internal hosts.</td></tr>
    <tr><td>Allow localhost</td><td>off | on; default: on</td><td>Allow upstream responses in the 127.0.0.0/8 range. For example, for RBL services.</td></tr>
    <tr><td>Domain whitelist</td><td>domain name(s); default: none</td><td>List of domains to allow RFC1918 responses for.</td></tr>
    <tr><td>Local Service Only</td><td>off | on; default: off</td><td>Limit DNS service to subnets and interfaces on which this device is serving as a DNS server.</td></tr>
    <tr><td>Non-wildcard</td><td>off | on; default: on</td><td>Binds only to specific interfaces rather than wildcard address.</td></tr>
    <tr><td>Listen Interfaces</td><td>network interface(s); default: none</td><td>Limits listening for DNS queries to interfaces specified in this field and loopback. Leave empty to listen on all interfaces.</td></tr>
    <tr><td>Exclude Interfaces</td><td>network interface(s); default: none</td><td>Prevents listening for DNS queries on interfaces specified in this field. Leave empty to listen on all interfaces.</td></tr>
</table>
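
How the Rebind protection, Allow localhost and Domain whitelist fields combine for one upstream answer, as an added Python example (not code from the device firmware or from Teltonika). The function names and the sample names and addresses are constructed; the model assumes that loopback answers are discarded when Allow localhost is off and that a whitelist entry also covers its subdomains.

```python
import ipaddress

# Private ranges from RFC 1918, which "Rebind protection" discards.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")  # governed by "Allow localhost"


def domain_whitelisted(name, whitelist):
    """True if name equals a whitelisted domain or is a subdomain of one."""
    name = name.rstrip(".").lower()
    for entry in whitelist:
        entry = entry.strip(".").lower()
        # Match on a label boundary so "evil-corp.example" != "corp.example".
        if entry and (name == entry or name.endswith("." + entry)):
            return True
    return False


def accept_upstream_answer(name, address, rebind_protection=True,
                           allow_localhost=True, domain_whitelist=()):
    """Model of the decision for one IPv4 answer from an upstream server."""
    if not rebind_protection:
        return True
    if domain_whitelisted(name, domain_whitelist):
        return True
    ip = ipaddress.ip_address(address)
    if ip in LOOPBACK:
        return allow_localhost  # assumption: loopback is dropped when off
    return not any(ip in net for net in RFC1918)


# Constructed sample answers: (queried name, address returned by upstream).
SAMPLES = [
    ("www.example.org", "93.184.216.34"),
    ("nas.corp.example", "192.168.1.20"),
    ("evil-corp.example", "192.168.1.20"),
    ("2.0.0.127.rbl.example", "127.0.0.2"),
]


def evaluate(samples, **settings):
    """Return {name: 'accept' | 'discard'} for the given field settings."""
    return {name: "accept" if accept_upstream_answer(name, addr, **settings)
            else "discard" for name, addr in samples}


if __name__ == "__main__":
    for label, settings in [("defaults", {}),
                            ("whitelist corp.example",
                             {"domain_whitelist": ["corp.example"]})]:
        print(label, evaluate(SAMPLES, **settings))
```

With the defaults only the two private-address answers are discarded; whitelisting corp.example lets nas.corp.example through while evil-corp.example stays blocked.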

Resolve and Hosts Files

The Resolve and Hosts Files section is used to configure the usage of these files:

  • /etc/hosts - the hosts file; contains hostname/IP address combinations for DNS hostname resolution; it is always checked first;
  • /etc/resolv.conf - the resolve file; contains instructions that state the default search domain(s) that are used to complete a received query name into a fully qualified domain name (FQDN) when no domain suffix is provided.
    Also contains a list of nameserver IP addresses for hostname resolution (DNS servers);
  • /tmp/resolv.conf.auto - alternative resolve file, used for public hostname resolutions. The path to this file can be changed from this section.

Refer to the table below for information on each configuration field.

Networking rutos manual dns resolve and hosts files.png

<table class="nd-mantable">
    <tr><th>Field</th><th>Value</th><th>Description</th></tr>
    <tr><td>Ignore resolve file</td><td>off | on; default: off</td><td>When enabled, doesn't read upstream servers from /etc/resolv.conf which is linked to the resolve file by default.</td></tr>
    <tr><td>Resolve file</td><td>text file; default: none</td><td>Specifies an alternate DNS resolve file to use instead of the default one (/tmp/resolv.conf.auto).</td></tr>
    <tr><td>Ignore /etc/hosts</td><td>off | on; default: off</td><td>Local domain suffix appended to DHCP names and hosts file entries.</td></tr>
    <tr><td>Additional Hosts files</td><td>text file; default: none</td><td>Uploads a hosts file to use in addition to /etc/hosts.</td></tr>
</table>

Advanced Settings

The Advanced Settings section is used to set up some of the more specific DNS parameters. Refer to the table below for information on each configuration field.

Networking rutos manual dns advanced settings.png

<table class="nd-mantable">
    <tr><th>Field</th><th>Value</th><th>Description</th></tr>
    <tr><td>Filter private</td><td>off | on; default: on</td><td>Do not forward reverse lookups for local networks.</td></tr>
    <tr><td>Filter useless</td><td>off | on; default: off</td><td>When disabled, does not forward requests that cannot be answered by public name servers.</td></tr>
    <tr><td>Localise queries</td><td>off | on; default: on</td><td>Localise hostname depending on the requesting subnet if multiple IPs are available.</td></tr>
    <tr><td>Expand hosts</td><td>off | on; default: on</td><td>Adds local domain suffix to names served from the hosts file(s).</td></tr>
    <tr><td>No negative cache</td><td>off | on; default: off</td><td>When disabled, does not cache negative replies, i.e., "no such domain" responses.</td></tr>
    <tr><td>Additional servers file</td><td>text file; default: none</td><td>Uploads an additional DNS servers file. This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for domain-specific or full upstream DNS servers.</td></tr>
    <tr><td>Strict order</td><td>off | on; default: off</td><td>When enabled, DNS servers will be queried in the order of the resolve file.</td></tr>
    <tr><td>All Servers</td><td>off | on; default: off</td><td>When enabled, queries all available upstream DNS servers.</td></tr>
    <tr><td>Bogus NX Domain Override</td><td>ip; default: none</td><td>List of hosts that supply bogus NX domain results.</td></tr>
    <tr><td>DNS server port</td><td>integer [0..65535]; default: none</td><td>Listening port for inbound DNS queries.</td></tr>
    <tr><td>DNS query port</td><td>integer [0..65535]; default: none</td><td>Fixed source port for outbound DNS queries.</td></tr>
    <tr><td>Max. EDNS0 packet size</td><td>integer [0..9999999999999999]; default: none</td><td>Maximum allowed size of EDNS0 (Extension Mechanisms for DNS, version 0) UDP packets.</td></tr>
    <tr><td>Max. concurrent queries</td><td>integer [0..9999999999999999]; default: none</td><td>Maximum allowed number of concurrent DNS queries.</td></tr>
    <tr><td>Size of DNS query cache</td><td>integer [0..10000]; default: none</td><td>Number of cached DNS entries. Set to 0 for no caching.</td></tr>
</table>

[[Category:{{{name}}} Network section]]