Two subnets on home network with different DNS

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Two subnets on home network with different DNS

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#237756 16-Jun-2018 21:32

I have my main home network with a Fritzbox on 192.168.1.0/24 using ISP supplied DNS with a subnet mask 255.255.255.0. I would like to add a D-Link DIR615 which gives out IP addresses on the 192.168.0.0/24 network using a different internet based DNS server (eg CloudFlare's 1.1.1.1 or Google's 8.8.4.4) but routes via the Fritzbox as the gateway. I also have a Linksys 54GL which can run DD-WRT or similar, which tends to be pretty flexible.

When I set up the D-Link as 192.168.0.1 and told it to use the Fritzbox gateway 192.168.1.1 it told me I couldn't use a gateway on another network.

Any suggestions?

Update: all I really want is devices connected to this new WAP to use a different DNS server.

1 | 2

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#2038875 16-Jun-2018 21:43

You will need to double-NAT it.

I recommend however getting something along the lines of an Edgerouter or a Mikrotik. I've got this exact thing running on my network (One network without IPv6, using a local DNS server and one with IPv6 using Cloudflare's IPv4/v6 DNS).

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

yitz

2239 posts

Uber Geek
+1 received by user: 594

#2038877 16-Jun-2018 21:43

Are you using the WAN or LAN port of the DIR615?

For double NAT just configure Ethernet WAN with Static IP on the Fritzbox range. You should be able to use the wizard to set this up.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2038883 16-Jun-2018 22:01

I'm not going to buy anything, this is just something to play with.

Using LAN port on DLink. I used it as a wireless access point with no problems but that was on same subnet.

I really just want wireless clients on that WAP to use different DNS servers, I just thought having a second subnet would be an easy way to do that.

I get the general idea of double NAT but not sure how to set it up.

richms

29099 posts

Uber Geek
+1 received by user: 10210

Trusted

Lifetime subscriber

#2038889 16-Jun-2018 22:19

Just plug the wan of the dlink into the lan of the fritz and away you go.

Richard rich.ms

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2038918 17-Jun-2018 07:30

richms:

Just plug the wan of the dlink into the lan of the fritz and away you go.

That's a trivial way to extend the WAP. The problem is the DLink router doesn't make it easy to assign different DNS servers.

It occurs to me it might be easier to restrict the Fritzbox to a smaller DHCP range, say .50 - 200, and have the DLink use .201 to .250 or so. That way they're on the subnet, separate ranges, and DHCP on the DLink can give out different DNS servers.

freakngeek

356 posts

Ultimate Geek
+1 received by user: 123

#2038921 17-Jun-2018 08:09

2x routers dishing out DHCP on same subnet probably will turn ugly

I had a DIR615 many many many years ago, was a great router back then

Setup the DIR615 as normal with different Subnet as FB
Disable WAN
Plug LAN on DIR615 into LAN on FB
You should be away with Double NAT

You could setup the DIR615 WAN port with dedicated IP and grab your ISP IP and gateway details from FB
Plug DIR615 WAN into LAN of FB
Double NAT with 4 LAN ports spare
Only works with static IP from ISP of course

Grab your self a ERL3, should be getting cheap as chips with ER4 out now
Then you can play with subnets, DNS till the cows come home in one device
Learning curve is steep at the beginning though

HP

Shop now for HP laptops and other devices (affiliate link).

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2038958 17-Jun-2018 08:48

I appreciate the explanations so far, but they're just beyond my networking knowledge. I can do networking and routing in AWS fine, but that's enterprise grade, nice user interface, well documented, and trying to do standard stuff.

I've had the DLink as a WAP, but that's single NAT. I don't know how to set up double NAT. I don't have a dedicated IP from my ISP. It's not worth spending money on this, it's just something I'm playing with.

Would this be easier with the Linksys on DD-WRT?

The only problem with the DIR615 on a different subnet (192.168.0.0/24) is it doesn't want to route to 192.168.1.1 as the internet gateway.

Aredwood

3885 posts

Uber Geek
+1 received by user: 1749

#2038965 17-Jun-2018 09:12

Double NAT simply means that the data is going through 2 layers of NAT between your devices and the internet. Plugging the Dlink Wan into the FB Lan means that data goes from device - Dlink - FB - Internet. Since both the Dlink and FB have NAT routers, You have double NAT.

Assuming that the Dlink has a option to use a set DNS server for all connected devices. Then you are sorted.

Assuming that the reason for running different DNS servers is for bypassing geoblocks, you might still need the Edgerouter. As some devices will try to access hard coded DNS servers as a way of detecting people who are using global mode service's. The Edgerouter can be configured to intercept and redirect those DNS queries to a different DNS server.

psychnurse

329 posts

Ultimate Geek
+1 received by user: 37

ID Verified

Trusted

#2038979 17-Jun-2018 09:35

This is what I did, follow this guide.

Router

yitz

2239 posts

Uber Geek
+1 received by user: 594

#2039062 17-Jun-2018 13:03

In the double NAT setup, you should easily be able to configure the DIR-615's LAN DHCP server to hand out specified DNS addresses:

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2039095 17-Jun-2018 13:16

I've been using single NAT when it was just an access point into the LAN port. I'll try double NAT via the WAN port, and a different subnet. That Linksys guide is good, thanks @psychnurse

Aredwood: Assuming that the Dlink has a option to use a set DNS server for all connected devices. Then you are sorted.

Assuming that the reason for running different DNS servers is for bypassing geoblocks, you might still need the Edgerouter. As some devices will try to access hard coded DNS servers as a way of detecting people who are using global mode service's. The Edgerouter can be configured to intercept and redirect those DNS queries to a different DNS server.

Yeah, it can set a DNS server as part of the DHCP config, but only doing double NAT. If it's on the same subnet then it uses DHCP passthrough. I learn this week that DHCP is a broadcast protocol, so they definitely need to be on two subnets if you're giving out IPs via DHCP.

Bypassing geoblocks using dns4me is the main aim. I would like my main routers back onto ISP DNS, and I need better signal strength at the Roku, which has pretty poor WiFi.

Dyson

Shop now for Dyson appliances (affiliate link).

yitz

2239 posts

Uber Geek
+1 received by user: 594

#2039098 17-Jun-2018 13:25

Yeah that's not possible unless you are able to do some fancy filtering.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2039100 17-Jun-2018 13:27

yitz: Yeah that's not possible unless you are able to do some fancy filtering.

What's not possible? Based on what I've read it seems like it should work on a different subnet, internet via the WAN port, the second subnet with DHCP providing DNS4ME DNS names.

yitz

2239 posts

Uber Geek
+1 received by user: 594

#2039102 17-Jun-2018 13:28

timmmay:
What's not possible? Based on what I've read it seems like it should work on a different subnet, internet via the WAN port, the second subnet with DHCP providing DNS4ME DNS names.

Oh I mean where you bridge the two LANs but need to filter out certain broadcast traffic.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2039175 17-Jun-2018 17:46

Ok, I got it working. With the information from this thread and linked articles it was pretty easy.

1. Reset the second router, plug it directly into the PC using a router LAN port, PC using DHCP.

2. Set the router IP address (192.168.0.1 for me) , WiFi settings and password, router admin password. Disable SPI, firewall, QOS, uPNP, etc.

3. Setup, manual internet setup, DHCP and put your DNS servers in there.

4. Plug second router WAN port into main router LAN port (main router range is 192.168.1.0/24). Test it over WiFi.

It's working well. The only thing that would be useful is being able to access the secondary router from my PC, which is directly connected to the first router. Could something be done with static routes on the Fritzbox?

1 | 2