IOT cannot access non gateway dns

LlamaLlama · December 8, 2023, 11:21am

Hey there,

I’ve been playing around with the network types and it appears that IOT and possibly internet only/guest networks cannot access local dns, if they aren’t the gateway.

Take for example, gateway/router/dhcp 192.168.1.1 and dns 192.168.1.2, dhcp hands out 1.1 as the gateway and 1.2 as the dns, the local lan blocking aspect of the Iot network type causes dns lookups to fail on iot devices due to the blocked access to 192.168.1.2

Alta-Jeff · December 8, 2023, 2:39pm

@LlamaLlama You are correct in your assessment, although the separate gateway/DNS network configuration is relatively uncommon.

However, even for these corner cases, we will likely be adding support for allowing DNS traffic to a separate DNS server in an upcoming firmware release.

MichaelMuni · December 8, 2023, 4:43pm

This is good to hear, I currently do not have this setup, but up until a few months ago I did. I had a raspberry pie running my DNS and filtering. For a while I had my Synology NAS running it via Docker too. I may switch back to this glad I saw this topic.

LlamaLlama · December 8, 2023, 9:12pm

Thanks Jeff,

Could just be me personally, but I have encountered this alot working in various IT roles, where the gateway/router isn’t responsible for dhcp/dns (Think a Windows server running DHCP/DNS roles, usually with Active Directory as well)

In my particular personal case, It is like Michaels where my local DNS is a seperate filtering/caching service (adguardhome)

It is also worth noting that I’m actually running two of these servers on my network, so that I can update/switch one off and not have the household yelling at me, please be sure to allow more than one ip (I configured statically on the AP6 the gateway and both dns, perhaps you might also be able to use that as some kind of allowable?)

Alta-Jeff · December 9, 2023, 8:57pm

@LlamaLlama I have a firmware you can try if you invite me to your site to install it.

LlamaLlama · December 9, 2023, 10:14pm

Sure thing, lets give it a whirl

BlackNL · December 18, 2023, 5:47pm

I suppose this is also applicable towards the guest network option? @Alta-Jeff

Alta-Jeff · December 18, 2023, 7:34pm

@BlackNL Yes, it is. We’ve tested this with some users, and we’re making progress on releasing this feature publicly soon.

BlackNL · December 18, 2023, 8:50pm

Great, thanks for the update and keep up the good work.