NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Haaino's avatar
Haaino
Guide
Jan 17, 2022

br200 DHCP DNS server configuration

Dear community,   I have a BR200 with firmware 5.10.0.5. I have succesfully setup multiple vlan's and corresponding DHCP services it is all working nicely.   However, the iPhone complain that the...
schumaku's avatar
schumaku
Guru - Experienced User
Jan 19, 2022
Haaino wrote:

If I manually configure the 9.9.9.9 as the dns service, my iPhone stops complaining.  Why does this work?

Because of DNSSec is an extension of the DNS protocol. While the DNSSec extensions are available on .9, the DNS resolver/relay on the Netgear routers (and many more) does not handle these.

 

For my curiosity, would you mind to share a screenshot of the iPhone complaint?

 

Overall, it's still not the world's greatest idea to send your own DNS queries to a business where most don't know anything about it. This is becoming more crucial when you think about DNS with DoH or DoT - the US NSA and CISA before published do's and don'ts for Adopting Encrypted DNS in Enterprise Environments (PDF) - most applies to DoG, too. DoH and DoT can impede analysis and monitoring of DNS traffic for cybersecurity purposes, DoH and DoT can be used to bypass parental controls which operate at the standard plain text DNS level, ...

 

Not everything Apple does suggest - lie the crazy random MAC address (they promote it as "Private Wi-Fi Address") - does make sense in an enterprise, business, small business and even at home.

 

Haaino wrote:

how can i configure any dhcp attributes in the br200? Or can I better use a different dhcp service?

Unfortunately, Netgear left out plenty of features on the BR500/BR200 specs.

 

 

Haaino's avatar
Haaino
Guide
Jan 19, 2022

 

Thank you very much that you are helping my out! I appreciate this.

 

It's in Dutch. Roughly translated: one picture says "privacy warning". And the other explains that the DNS service (a.k.a. the Netgear router) is intercepting the DNS traffic and could potentially monitor this.

 

I under your remark about external DNS services, and you are quite right about it! No denying about it. In this particular case the .9 DNS service has a relative good reputation and privacy restrictions.

 

My question still is: how can I configure the DHCP service on the BR200 router so that the clients get .9 DNS service automatically assigned? If I would like to host my own DNS service, that this question becomes more relevant.

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More