jpain3
Tutor
Feb 24, 2021

Confirmation that Netgear Routers cannot forward DNS queries to a specific IP

From what I can tell after extensive googling and searching these forums, Netgear routers of any model or configuration DO NOT have the ability to do basic, simple, standard, functions related to forwarding outbound DNS queries to a specific IP address. Is this correct?

I want to forward ALL outbound DNS requests on port 53 to a specific IP address on my network. Specifically, I'm trying to prevent hard-coded DNS queries from skipping the piHole I have running on an attached Raspberry Pi.

This is BASIC network management that I am honestly appalled my many hundreds of dollars router is apparently unable to do.

At this point, this seems like a purposeful and malicious omission by Netgear in an attempt to actively prevent users from doing any real network management. Netgear shouldn't care how my connected devices query a DNS server, unless they are being actively paid by these companies to keep this management feature out of the hands of users. This is not some special commercial grade feature I'm seeking. It is a basic if-then rule: If there is an internal query on port 53 to an external address, forward it to this other internal IP address. That's it.

I am aware that I can buy another router and use my Netgear hardware as just an access point. That's not an answer to my question, but rather a hack that just confirms that Netgear is purposefully, and again I suspect maliciously, restricting basic network management on their expensive devices.

I welcome the opportunity to be proven wrong and be given straightforward instructions on how to do this with the stock firmware and hardware I paid (significant) of money for.

4 Replies

  • CrimpOn
    Guru - Experienced User

    How about using the "Block Services" feature on the Security menu?

    Block all IPs from Port 53 TCP/UDP

  • FURRYe38
    Guru - Experienced User

    What model are you referencing? 


      • CrimpOn
        Guru - Experienced User

        I have only the Netgear Orbi.  Set up Block Services (DNS) on a PC that was set to "Get DNS automatically" (which means the Orbi router).

        Web browser finds every site I ask for, which means DNS is working.

        Changed the PC's ethernet properties to "Use 1.1.1.1" for DNS.  Now the web browser consistently returns "cannot connect" (because DNS is no longer working).

        Of course, this only pertains to DNS entries that are not already cached in the PC.

        My guess is that it will work this way on other Netgear routers.

         

        Note: this does not do what jpain3 wants. It does not intercept packets to port 53 and redirect them. What it does effectively is prevent anyone from getting around the Orbi DNS process. So when junior whines, "Dad, the internet is broke", the response can be "Did you mess with the DNS settings?"
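
The manual test described in the last reply (point a client at 1.1.1.1 and see whether lookups still work) can be scripted. The following is an added example, not part of any post in the thread: it sends one raw UDP DNS query straight to a chosen resolver and reports whether a reply came back. The function names, the `example.com` test name and the 2-second timeout are assumptions made for the example.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234):
    """Build a minimal DNS A-record query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(resolver, name="example.com", port=53, timeout=2.0, txid=0x1234):
    """Send one UDP query directly to `resolver`; return 'answered' or 'blocked'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (resolver, port))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout or ICMP rejection: the query never got a reply
            return "blocked"
    if len(data) < 4:
        return "blocked"
    rid, flags = struct.unpack("!HH", data[:4])
    # A genuine reply echoes our transaction ID and has the QR (response) bit set.
    return "answered" if rid == txid and flags & 0x8000 else "blocked"

if __name__ == "__main__":
    # Resolvers to test; 1.1.1.1 is the one used in the thread, and others
    # (for example the router's LAN address) can be given on the command line.
    for target in sys.argv[1:] or ["1.1.1.1"]:
        print(f"{target}: {probe(target)}")
```

Run it from a client behind the router, passing the external resolvers and the router's own LAN address as arguments. It only exercises UDP port 53, and an "answered" result cannot tell a direct reply from one produced by a redirect rule, since a redirected query would also be answered.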