Unifi USG - network external dns servers are being passed directly to clients.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Unifi USG - network external dns servers are being passed directly to clients.

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#303351 3-Feb-2023 16:52

I have a vlan at home where I use external dns servers. These are outside my network.

When I connect to that network I can see the assigned dns servers are those external addresses. Which means I also do not get any local dns resolution.

Is there and option in the unifi network so that the USG performs the dns resolution for local domains but also forwards to The external dns servers? I do t really want to apply these settings to all my vlans as they are set up with other more relevant dns servers.

I guess if I have to I can spin up a dedicated dns server for that vlan. But that seems a little silly to have to do that .

I’d have thought the unifi ecosystem would be able to deal with this natively

Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight

Mehrts

1112 posts

Uber Geek
+1 received by user: 984

Trusted

#3031414 3-Feb-2023 17:11

Have you set the correct DNS in WAN and/or LAN settings under "Network"?

Or the Domain Name setting under LAN settings?

toejam316

1516 posts

Uber Geek
+1 received by user: 888

Trusted

Lifetime subscriber

#3031417 3-Feb-2023 17:31

I think if you're trying to maintain local DNS and use a separate external DNS provider, spinning up a second DNS server might be the easiest way. Local resolution would be done on your USG's internal DNS, and I don't think they have any options to run two differing DNS configs on the internal DNS server.

Join Quic Broadband with my referral - no sign up fee and gives me account credit

Anything I say is the ramblings of an ill informed, opinionated so-and-so, and not representative of any of my past, present or future employers, and is also probably best disregarded.

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#3031419 3-Feb-2023 17:36

toejam316:

I think if you're trying to maintain local DNS and use a separate external DNS provider, spinning up a second DNS server might be the easiest way. Local resolution would be done on your USG's internal DNS, and I don't think they have any options to run two differing DNS configs on the internal DNS server.

Yeah so the ush uses whatever 2degrees gives for the wan. I dont set anything.

I run a couple of piholes for my main lan most of my devices use with unbound on them.

The other network is my media network, for apple tvs and chromecasts etc. On those I have the lan DNS servers set as the DNS4Me servers for accessing content. But Id like the media network to be able to get some name resolution from the USG or piholes not too fussed, so it can access things like my jellyfin server rather than just by ip address.

So I'm happy to spin up a dns server, but curious if the unifi/usg can do it out of the box....and if I do set up a dns server can I specify a non standard port for dns eg <ip of new dns>#5353? AS it will most likely be a container running on a machine, I'll just add a macvlan for it so it's on the same media vlan.....but likely its already got another dns server on there.

toejam316

1516 posts

Uber Geek
+1 received by user: 888

Trusted

Lifetime subscriber

#3031422 3-Feb-2023 17:52

So if you're running multiple Piholes, and one of them is on the same network as the media devices, just set that one as the DNS Server for your devices, and have that one forward requests to your DNS service provider, and use the other Pihole to run all your stuff through the standard 2degrees DNS.
Then all you'll need to do is add your own DNS entries to each Pihole.

Join Quic Broadband with my referral - no sign up fee and gives me account credit

Anything I say is the ramblings of an ill informed, opinionated so-and-so, and not representative of any of my past, present or future employers, and is also probably best disregarded.

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#3031424 3-Feb-2023 17:57

toejam316:
So if you're running multiple Piholes, and one of them is on the same network as the media devices, just set that one as the DNS Server for your devices, and have that one forward requests to your DNS service provider, and use the other Pihole to run all your stuff through the standard 2degrees DNS.
Then all you'll need to do is add your own DNS entries to each Pihole.

Oh yeah that’s easier. As long as I can get the pihole/dns into the vlan then yes you’re right I just need to set the unifi to the dns ip. I shouldn’t need a port