Unable to disable DHCP DNS lookup

tclark

Unable to disable DHCP DNS lookup

Post by tclark »

I would like to disable DHCP DNS lookup because my ISP is intercepting and redirecting lookups. I would like to switch to OpenDNS, but have been unable to get this to work. My /etc/dhcp/dhclient.conf (comments omitted, except where relevant):

Code:

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

send host-name = gethostname();
request subnet-mask, broadcast-address, time-offset, routers,
	#domain-name, domain-name-servers, domain-search, host-name,
	host-name,
	dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
	netbios-name-servers, netbios-scope, interface-mtu,
	rfc3442-classless-static-routes, ntp-servers;

#prepend domain-name-servers 208.67.222.222, 208.67.220.220;
supersede domain-name-servers 208.67.222.222, 208.67.220.220;
timeout 300;

And the output from dhclient:

Code:

$ sudo dhclient -v -r wlx74da388d397c

Killed old client process
Internet Systems Consortium DHCP Client 4.3.3
Copyright 2004-2015 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/wlx74da388d397c/74:da:38:8d:39:7c
Sending on   LPF/wlx74da388d397c/74:da:38:8d:39:7c
Sending on   Socket/fallback
DHCPRELEASE on wlx74da388d397c to 192.168.254.254 port 67 (xid=0x285d3d7b)

As you can see, it is still using 192.168.254.254, not 208.67.222.222.

I have also tried configuring this using the Network Connections GUI via the IPv4 Settings tab:

Code:

Method: Automatic (DHCP) addresses only

DNS servers: 208.67.222.222, 208.67.220.220

This also did not work.

Any ideas? Thanks.
tclark

Re: Unable to disable DHCP DNS lookup

Post by tclark »

I've not yet been able to solve this problem, but I did find a workaround. I switched to wicd and created the following script:

Code:

$ cat /etc/wicd/scripts/postconnect/wicd-reset-dns 
#!/bin/sh

# printf expands \n in every POSIX shell; echo only does so in some (e.g. dash)
printf '# Generated by /etc/wicd/scripts/postconnect/wicd-reset-dns\n\nnameserver 208.67.222.222\nnameserver 208.67.220.220\n' >/run/resolvconf/resolv.conf

It works:

Code:

$ cat /etc/resolv.conf 
# Generated by /etc/wicd/scripts/postconnect/wicd-reset-dns

nameserver 208.67.222.222
nameserver 208.67.220.220

This is a workaround, not a solution, and I'm still interested in hearing from anyone who knows how to fix the actual problem. Thanks.
DAMIEN1307

Re: Unable to disable DHCP DNS lookup

Post by DAMIEN1307 »

Hi tclark...I have already done this...tell me first if you're connecting wireless through a router or direct ethernet connection through a modem or through a router...I think I can guide you through this...I'm using Mint 18.1 Cinnamon Serena on my ethernet through router on desktop computer and my laptop is wireless also through my router but I also change the network settings as well to use OpenDNS nameservers 208.67.222.222, 208.67.220.220 when connecting elsewhere away from home...DAMIEN
tclark

Re: Unable to disable DHCP DNS lookup

Post by tclark »

Hi Damien,

I'm using WIFI, via a router that I cannot reconfigure (it's not mine). So I'm trying to solve the problem by configuration changes on my system.

Thanks,

Ted
theRonz08753

Re: Unable to disable DHCP DNS lookup

Post by theRonz08753 »

I wish that I was able to respond on Monday before you installed wicd, but I had a little trouble registering. I'm having a problem with bind9 with the latest network-manager update. When DNS-Automatic is turned "off", network-manager refuses to use my DNS address (127.0.0.1). I assume that you turned "on" DNS-Automatic because OpenDNS wasn't working. Turning it on also results in adding your router's DNS server, which appears to be the answer to your question. From what I see in my firewall logs, all unknown DNS address requests are going to my router.

My solution is to go back to the old version, but I don't know how to easily do it. I reinstalled my system, avoided the network-manager & resolvconf updates (although I'm not seeing any problem with the resolvconf update), and installed BackInTime, so that I will never face this situation again.

Why are those updates still available in Level-3? One improvement that I see is that my router's DNS server is being detected when DNS-Automatic is "on" (or else IPv4 Details in the network-manager's GUI was not showing the router server before the update). This was not happening with the old version. It's beginning to look like I'm not really answering your question, and that we are going to have to figure this out without avoiding the updates.

One more point, just in case it matters - I'm not using wireless.
theRonz08753

Re: Unable to disable DHCP DNS lookup

Post by theRonz08753 »

Did I just make a fool out of myself? I thought that the DNS-Automatic switch should be "off" in order to manually specify DNS server addresses. Is this the purpose of the switch, or does the switch turn off all DNS resolution?
tclark

Re: Unable to disable DHCP DNS lookup

Post by tclark »

"Did I just make a fool out of myself?"

You may have made a mistake, but I don't think you went that far. :wink:

I'm kind of liking wicd, so far. It just works and doesn't make a nuisance of itself, which puts it way ahead of most software nowadays.
theRonz08753

Re: Unable to disable DHCP DNS lookup

Post by theRonz08753 »

Hello again, tclark

I thought about installing wicd, but I'm afraid that an update to one of network-manager's dependencies will break wicd, with little or no help in this forum. I hope that you're not jumping out of the fire, and into the oven, with your use of OpenDNS. There's no such thing as "free". I prefer to get my answers straight from the horse's mouth with bind9.

You didn't mention what my mistake was. Maybe you didn't touch dns-auto because it's "on" by default. Maybe you didn't have a problem turning it "off", and my problem is a localhost address. Unless Debian also has a network-manager problem, it sure looks to me like that switch should be "off".

I'm moving to Debian-jessie. If I should be installing Level 3 updates, then I can't take the risk of a major failure like this again.

I hope that everything works out well for you.
theRonz08753

Re: Unable to disable DHCP DNS lookup

Post by theRonz08753 »

I tried wicd, after disabling Network Manager, but I couldn't figure out how to get Privoxy working with it.

After looking at LM 18.3 beta, my problem remains, but I found a solution. Edit the file /etc/NetworkManager/NetworkManager.conf, and comment out the line "dns=dnsmasq". Turn off Network Manager's Automatic-DNS setting. This works perfectly for me.

I re-created your problem, and this will work for you, except for one big problem. There is no DNS cache.

I'm going to stop here. If you have any interest in using Network Manager again, then I should have some time during the holidays and try to help, if needed. I hope to return to LM again when LMDE3 is released.
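
A check for the two fixes discussed in this thread (the rewritten resolv.conf and the "dns=dnsmasq" line in NetworkManager.conf), as an added example that is not part of any post: it lists nameservers outside an allowlist and reports whether NetworkManager's dnsmasq forwarder is enabled. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit which DNS resolvers a host is configured to use.

# List nameservers in a resolv.conf-style file ($1) that are not in the
# allowlist (remaining arguments). Loopback entries are reported as
# "local:" because a local forwarder hides the real upstream servers.
unexpected_resolvers() {
    file=$1; shift
    allowed=" $* "
    awk '$1 == "nameserver" { print $2 }' "$file" | while read -r ns; do
        case $ns in
            127.*|::1) echo "local:$ns" ;;
            *) case $allowed in
                   *" $ns "*) ;;                 # expected resolver
                   *) echo "unexpected:$ns" ;;   # e.g. pushed by DHCP
               esac ;;
        esac
    done
}

# Succeed if the NetworkManager.conf-style file ($1) has an active
# (uncommented) dns=dnsmasq line.
nm_uses_dnsmasq() {
    grep -Eq '^[[:space:]]*dns[[:space:]]*=[[:space:]]*dnsmasq[[:space:]]*$' "$1"
}

# Constructed sample files (not taken from any poster's machine).
tmp=$(mktemp -d)
printf '# sample\nnameserver 208.67.222.222\nnameserver 192.168.254.254\n' >"$tmp/resolv.conf"
printf '[main]\ndns=dnsmasq\n' >"$tmp/NetworkManager.conf"

OPENDNS="208.67.222.222 208.67.220.220"
unexpected_resolvers "$tmp/resolv.conf" $OPENDNS
if nm_uses_dnsmasq "$tmp/NetworkManager.conf"; then
    echo "dns=dnsmasq active: resolv.conf will point at the local forwarder"
fi
rm -rf "$tmp"
```

On a live system, pass /etc/resolv.conf and /etc/NetworkManager/NetworkManager.conf instead of the sample files.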
theRonz08753

Re: Unable to disable DHCP DNS lookup

Post by theRonz08753 »

Today, I looked at my LM-18.3-beta installation (running in VirtualBox). I saw that there was an update for dnsmasq. After installing updates level 1-3, I went back to NetworkManager.conf and uncommented the line mentioned in my previous message. Works perfectly for me. Again, I re-created your problem, and it should work for you, too, including the DNS cache. If this update didn't get to LM-18.2 yet, I think that it's safe to say that this problem will be resolved in LM-18.3. Nice to see that someone is reading our messages and taking them into consideration. Good work, guys.


Update:
Hmmm. During the previous tests, I tested by toggling the network connection off & on. After rebooting, I'm not seeing a problem with your setup, but I now have a problem using bind9.
Since my problem is going off-topic, this is my last message on this topic.