SunriseMan
Aug 30, 2020 Guide
How to get Orbi to pass through DNS information in DHCP?
I have an Orbi RBR50 running Firmware Version V2.5.1.16. I'm using its DHCP feature. The problem is that no matter what settings I try in the configuration, it always hands out client leases with the...
SunriseMan
Aug 30, 2020 Guide
Mstrbig wrote: The router's DNS server is an internal server. The Orbi uses the ISP or user provided 3rd party DNS servers, such as Google, Level 3, Open DNS, etc. DNS over HTTPS server implementations are already available free of charge by some public DNS providers.
That wasn't my question.
A DHCP server gives DNS addresses to devices. Orbi's DHCP server is broken and always gives the router's address as the DNS address. So my Windows computer thinks that the DNS address is 192.168.1.1, rather than the address I configured.
I use a service that supports DoH. But Windows (again, for now I'm talking about the Insider versions, but this will soon be true for release versions as well) detects that by just trying to do a DoH request. And that will always fail, because the Orbi doesn't support DoH.
I'm not expecting the Orbi to support DoH. But its DHCP server should be able to correctly pass along the correct DNS servers rather than incorrectly giving its own address.
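The behaviour described in the post above can be confirmed from a captured DHCP reply: the DNS servers travel in option 6 and the default router in option 3 (RFC 2132). The Python below is an added example, not part of the original post and not NETGEAR code; the function names and the sample packets (built by `build_ack`, using 192.168.1.1 from the post and documentation-range resolver addresses) are constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of DHCP options (RFC 2131)
OPT_PAD, OPT_ROUTER, OPT_DNS, OPT_END = 0, 3, 6, 255

def parse_dhcp_options(packet: bytes) -> dict:
    """Return {option_code: raw_value} from a BOOTP/DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (magic cookie missing)")
    options, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        options[code] = options.get(code, b"") + value  # RFC 3396 concatenation
        i += 2 + length
    return options

def ipv4_list(raw: bytes) -> list:
    """Split an option value into dotted-quad IPv4 addresses."""
    if len(raw) % 4:
        raise ValueError("address list length not a multiple of 4")
    return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(0, len(raw), 4)]

def dns_is_proxied(packet: bytes) -> bool:
    """True when every DNS server offered is also the default router."""
    opts = parse_dhcp_options(packet)
    routers = set(ipv4_list(opts.get(OPT_ROUTER, b"")))
    dns = ipv4_list(opts.get(OPT_DNS, b""))
    return bool(dns) and all(addr in routers for addr in dns)

def build_ack(router: str, dns: list) -> bytes:
    """Constructed sample DHCPACK: zeroed BOOTP header plus options 53, 3, 6."""
    pack = lambda addrs: b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    opts = bytes([53, 1, 5]) + bytes([OPT_ROUTER, 4]) + pack([router])
    opts += bytes([OPT_DNS, 4 * len(dns)]) + pack(dns) + bytes([OPT_END])
    return bytes(236) + MAGIC_COOKIE + opts
```

Feeding `dns_is_proxied` the UDP payload of a real DHCPACK taken from a packet capture shows whether the router is advertising itself or the configured resolvers.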
Mstrbig
Aug 30, 2020 Master
SunriseMan wrote: That wasn't my question.
A DHCP server gives DNS addresses to devices. Orbi's DHCP server is broken and always gives the router's address as the DNS address. So my Windows computer thinks that the DNS address is 192.168.1.1, rather than the address I configured.
I use a service that supports DoH. But Windows (again, for now I'm talking about the Insider versions, but this will soon be true for release versions as well) detects that by just trying to do a DoH request. And that will always fail, because the Orbi doesn't support DoH.
No, I understood what you were saying. Most all home user routers are, as you stated, broken.
And I am currently on Windows 10 Preview Build 20201.
There's still a lot of debate over whether DoH is good or not, and I'm sure a lot will change before it is available in public versions of Windows 10.
Most people rely on DNS to block malware, enable parental controls, or filter the browser’s access to websites. When DoH is enabled, it bypasses the local DNS resolver and defeats these special policies.
- SunriseMan Aug 30, 2020 Guide
Mstrbig wrote: Most people rely on DNS to block malware, enable parental controls, or filter the browser’s access to websites. When DoH is enabled, it bypasses the local DNS resolver and defeats these special policies.
That's only true because people have to set up the DoH manually rather than having it be supported by the underlying OS. With the implementation in the Preview version of Windows, it still uses the DNS server provided by DHCP, it just tests that server to see if DoH will work. So the security or content controls of the DNS provider will still apply.
This applies to the concerns CrimpOn mentioned as well. However, I don't understand why DoH adoption would have an impact on the need for router firmware updates. It'll probably increase the urgency for one update to provide an option to avoid DHCP proxying, but I don't see any reason there would be less need for updates after that.
- CrimpOn Aug 30, 2020 Guru - Experienced User
SunriseMan wrote: That's only true because people have to set up the DoH manually rather than having it be supported by the underlying OS. With the implementation in the Preview version of Windows, it still uses the DNS server provided by DHCP, it just tests that server to see if DoH will work. So the security or content controls of the DNS provider will still apply.
This applies to the concerns CrimpOn mentioned as well. However, I don't understand why DoH adoption would have an impact on the need for router firmware updates. It'll probably increase the urgency for one update to provide an option to avoid DHCP proxying, but I don't see any reason there would be less need for updates after that.
Having just become aware of this development today, it seems to me that this is going to be a long, complicated rollout. There must be 100s of different consumer router models installed. Even a "simple" router update to avoid DNS proxying has to be developed, tested, and rolled out by manufacturers who have shown little interest in updating firmware. (Verizon sold the Orbi to customers and has never issued a firmware update.) Suppose the default changes from "DNS Proxy" to "include the DNS server we got from the ISP in our DHCP response." That means every ISP DNS proxy has to be reprogrammed.
This is sort of "Deja Vu" for me. When was IPv6 announced as the "solution to IPv4 running out of numbers"? And here we are in the middle of 2020. DoH is going on my list of "things to watch out for."
- SunriseMan Aug 31, 2020 Guide
CrimpOn wrote: Suppose the default changes from "DNS Proxy" to "include the DNS server we got from the ISP in our DHCP response." That means every ISP DNS proxy has to be reprogrammed.
I don't understand what you mean. All home routers, including the Orbi, can do the necessary NAT to let computers access the ISP's DNS servers directly. Look at the attached screenshot -- that's me accessing my ISP's DNS going through my Orbi. (10.10.10.1 is the address of my Orbi, which is why it's my default DNS server.)
I've also used routers that don't do DNS proxying, gone through periods where I had a separate server running DHCP that passed my ISP's DNS servers, and have had computers with static addresses that used the ISP's DNS servers. I assure you that all of these scenarios work, and have worked since I got my first home router decades ago.