Manually Add DNS Entries

Comments

5 comments

  • Avatar
    rotblitz

    OpenDNS is a recursive DNS service, and entering something into a recursive DNS service which is not covered by an authoritative DNS service will never happen.  It would break any internet standards, internet user expectations, safety and security.  Such a feature would be a paradise for criminals too...

    To resolve your own network world, you have three options:

    • Run an own (mixed recursive and authoritative) DNS server where you can add fake and real zones as you want.
    • Register the domain/zone you want to add entries for, and manage its DNS records yourself on its authoritative nameservers.
    • And as you said, the local hosts file is another option, easily and almost available.

    Regarding your use case scenarios:

    1. As quick and simple solution a hosts file entry is indicated, or an own DNS server.  The second option from above isn't possible.
    2. This is technically impossible anyway.  Private IP addresses are not routable over the public internet.  Instead you have to configure port forwarding on the router, and then you can access your network with your public IP address which again can be associated with any available hostname.
    3. Pretty clear that this can be used from within your LAN only, never from outside.  This is a case for my option 2, registering the domain if not already taken.  (Clearly, router.com has been taken already.)  Therefore you can register any other available domain, and use subdomains from it for your purpose.  Assigning private IP addresses to public hostnames can be done, although not recommended due to possible DNS rebinding and other attacks.  Options 1 + 3 are valid too for this scenario, especially for a hostname "printer" which cannot be publicly registered.  But all has to happen on the authoritative side of DNS.
    0
    Comment actions Permalink
  • Avatar
    fouadatmeh

    Thanks for your reply. the word recursive closed the door completely :)

    As for my use cases, I just want to comment:

    1- I just found that my ISP's portal can be found through other DNS's (it's portals.mada.jo, it resolves to   172.16.192.45 which is clearly only accessible through the ISP's link, but I was able to resolve it on another ISP's DNS, and even on http://www.dnsqueries.com).. So I think there this can be solved through OpenDNS for my case at least. Should I open a ticket?

    2- I already have that setup at home, where I have a dynamic DNS name resolving to my public IP, which forwards ports to the server's priv. IP.. but when I'm @ home, I set the wireless router's ip as the primary DNS server and I set my public domain in it so it resolves the same dynamic DNS name to the private IP when am at home giving me better speeds..

    3- I agree I only intend to use it from the LAN...

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "it resolves to   172.16.192.45 which is clearly only accessible through the ISP's link, but I was able to resolve it on another ISP's DNS"

    Sure, as I said above, hostnames can resolve to private IP addresses.  But name resolution is not the issue. Traffic cannot be routed over the public internet.   What would be the use of name resolution if you can't establish connections?  A ticket would not help here either.

    "I set the wireless router's ip as the primary DNS server and I set my public domain in it so it resolves the same dynamic DNS name to the private IP when am at home giving me better speeds.."

    Yes, sure, for LAN connectivity only.  Nothing for OpenDNS.  OpenDNS is not a dynamic DNS hosting provider or such.

    0
    Comment actions Permalink
  • Avatar
    rajah893 (Edited )

    OpenDNS provides content filtering, yet it does not filter search results from Google. The Google images returned can be quite explicit even though OpenDNS would filter the sites which Google is displaying images from.

    Google's answer to this is to add a DNS entry to force Google to use its safe search feature.

    If you cannot or will not allow us to make custom DNS entries for our network on OpenDNS, please add a feature to the GUI that will force Google searches to the safe search site.

    0
    Comment actions Permalink
  • Avatar
    rotblitz (Edited )

    "Google's answer to this is to add a DNS entry"

    Correct.  This is something you do only with an authoritative DNS (hosting) service, never with a recursive DNS service like OpenDNS.  You're on the wrong page.

    See also https://support.opendns.com/hc/en-us/articles/227986807

    "If you cannot or will not"

    Your message will hardly be seen by OpenDNS staff, but only by us other users in this community forum.  If you want to talk to staff, you "Submit a request", see the link above.

    0
    Comment actions Permalink

Please sign in to leave a comment.