NextDNS CLI Router Setup
Hello. I have the cli working properly on on a raspberry pi connected to my router. The router is using the DNS on the raspberry pi. It will work with a default profile. And it will work on a subnet profile. But it will not work on a MAC address profile. It seems to bypass it and go to the base profile. The MAC address is correct as I have checked it dozens of times thinking I might have a typo but to no avail.
Any assistance on this would be greatly appreciated or help pointing me somewhere to try something.. The router is an Orbi RBR750 if that helps.
thank you.
16 replies
-
The MAC address may not be being passed on to the pi, so the CLI won’t know and puts it on the default profile.
Is the DNS being setup under DHCP or via the router IP?Also does the MAC profile line appear before the default profile line, from the “nextdns config” file? I believe it chooses the first match on the list.
-
Under LAN Setup (Orbi Mesh rbr750), Use Router as DHCP Server is ticked and it assigns all the items attached to the wifi it's on ip address and name.
Do I need to do more?
I guess I'm not entirely sure how to pass that over - forgive me ignorance. -
Ok, I’ll have to do a bit of research on the Orbi Mesh interface. Find out for you where exactly you should be setting the DNS IP for the pi with the CLI installed.
-
Maybe these screenshots will be helpful.
First image: Where the red arrow is pointing is what I have for the eth0 > inet in ifconfig on the raspberry pi.Second image: Router set to use DHCP Server with a range (2-254 for devices with 2 I served) of the base router IP.
So it works on a base profile... it's just any MAC address is ignored (and the orbi is displaying the mac addresses properly ... on the second screenshot if I go to add an address reservation it will show connected devices with their appropriate MAC address.
Not sure where the breakdown is happening. If it's in this router setting or if it's something on the rpi.
Thanks again for looking and trying to help :)
-
After looking at the User Manual for the RBR750, it appears there is no option to add the RPi IP in the DHCP section for DNS. This means that devices connected will not be exposing their MAC address to the Pi (& CLI) because the requests are going through the router first (a security feature to not expose MAC to the internet).
This means that MAC profile filtering will not work in your current setup. I would suggest you simply reserve IPs for your devices and use those IPs to filter for profiles.
-
How would I go about this? It appears you can only filter via subnet and mac addresses according to the docs on the nextdns CLI? Unless I'm missing something?
-
Ah, well, you can have a subnet of only one IP address. Just use /32 at the end of the IP.
-
In the conf file would I just add profile STATIC_IP_ADDRESS_SET_BY_DHCP/32=the_profile?
If so I tried that... and doesn't seem to work. -
Make sure the line appears before the default profile one in “nextdns config”
-
Hey again.. it is before the default but the device with that IP still goes to the default, not the IP/32 that is set for that specific static IP.
-
Hmm… it will need some testing for myself, see if it can actually work. Probably next week, got to get over this cold first.
-
No worries, I appreciate your help!
-
OK, did a bit of testing. It seems to be working for a single IP/32 subnet.
It may not be working for you because of the Orbi being in the middle again and removing the local IP from the DNS request (replacing it with WAN IP because it thinks DNS request is going out to internet rather than staying local). To get this working you will have to manually set the DNS addresses on the specific device to point to the RPi directly.
Another option would be to disable the DHCP on the Orbi and run a DHCP server from the Pi itself, which would allow you to set the DNS on the DHCP setup side of things.
-
This was extremely helpful thank you!
A couple of follow up questions (if you don't mind of course).1) How would I setup the DHCP on the Pi? Would that not require the Mac Addresses being sent over so they could mapped to a specific IP address? Forgive my ignorance on this, I'll still a bit green to this world.
2) As I currently set the Pi IP on the devices DNS manually (which works for the single /32 subnet), the logs do not show the device name. Is this something I will have to live with or could it be resolved using the Pi DHCP method mentioned above or some other way?
You have been such a great help so far, thank you so incredibly much!Kind regards,
David
-
I'll start with number two first as it's relatively simple to add a device name. First locate the "hosts" file on the Pi (most likely in /etc), edit and add the device static local IP & "friendly" name with a space in between the two items. Example:
192.168.1.xx laptop-modelCLI might need to be restarted to pickup the change "nextdns restart".
This should add the device name "laptop-model" to your Nextdns logs.
If this is working for you there maybe no need for the DHCP server but in the interests of understanding for you: Because each of your local network devices are connecting to the Pi directly, with it's IP address, MAC addresses and other device identifiers will not be omitted from the connection (the Orbi will simply see it as local network traffic) and so the Pi will see the details.
-
-
Does anyone else have any insight into this?
Content aside
- 4 wk agoLast active
- 16Replies
- 305Views
-
2
Following