DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
LAN DNS forwarding
08 Mar 2023 10:34 #102288
by johnpa7
LAN DNS forwarding was created by johnpa7
I have a number of IOT things.
I set up a firewall rule
Direction Lan/RT/VPN -> Wan
Source IP 192.168.0.170~192.168.0.225 Filter Block immediately
In the syslog I then get multiple entries of devices continually attempting to connect to time.google.com, to such an extent the log rapidly fills up.
I then set up LAN DNS Resolution / Conditional DNS Forwarding
time.google.com redirect to 192.168.0.37 << Synology NAS with time service enabled
The number of entries trying to connect to time.google.com falls dramatically from 1 per second to once every 2 hours
If I ping time.google.com it resolves to 192.168.0.37
If I enter w32tm /stripchart /computer:time.google.com /dataonly /samples:1
it returns
Tracking time.google.com [192.168.0.37:123]. << My router redirecting
Collecting 1 samples.
The current time is 08/03/2023 10:22:34.
10:22:34, +00.0226190s
Yet in the syslog I get
192.168.0.183 DNS -> 8.8.8.8 inquire time.google.com
192.168.0.181 DNS -> 208.67.222.222 inquire time.google.com
Somehow the device issues an https command that is not redirected.
It would appear the device is not being redirected to the local time server.
I am at a loss how to proceed. Any help would be gratefully received.
Router is Vigor 2962
Draytek Switch G2280X
Ap 903
AP 1000c
Ap 802
08 Mar 2023 12:23 #102290
by bookit
Replied by bookit on topic Re: LAN DNS forwarding
There is a response to your post on Reddit.
08 Mar 2023 12:47 #102291
by pharcyder
Replied by pharcyder on topic Re: LAN DNS forwarding
What is the desired outcome you are looking for, as it's not clear?
08 Mar 2023 13:30 #102292
by johnpa7
Replied by johnpa7 on topic Re: LAN DNS forwarding
The object is to prevent a range of addresses accessing the internet.
When I block the range 192.168.0.175 ~ 192.168.0.225, the devices in this range continually try to connect to time.google.com, almost every second, resulting in thousands of requests.
I take this as proof the firewall block works.
Therefore I set up DNS forwarding for time.google.com to redirect to 192.168.0.37, the Synology DSM22+ with NTP service running.
Yet when I check the log there is a DNS request
192.168.0.183 DNS -> 8.8.8.8 inquire time.google.com
The devices now only poll the time server every 2 hrs. I would prefer they obtained the time from the Synology.
Thanks for responding
10 Mar 2023 17:34 #102301
by pharcyder
Replied by pharcyder on topic Re: LAN DNS forwarding
If it were me, I would either add something to the local hosts file on the devices you want to re-direct so that time.google.com resolves to your Synology IP or deploy a name server like a Pihole and resolve time.google.com to your Synology there.
14 Mar 2023 08:41 #102308
by johnpa7
Replied by johnpa7 on topic Re: LAN DNS forwarding
Hi, thanks for the reply. The devices which are using time.google.com are part of IoT, such as light switches and smart sockets. Therefore I don't have access to the hosts file.
I have set up LAN DNS / DNS forwarding on the 2962, which forwards local requests for time.google.com to 192.168.0.37.
When I ping time.google.com it returns
ping time.google.com
Pinging time.google.com [192.168.0.37] with 32 bytes of data:
Reply from 192.168.0.37: bytes=32 time=1ms TTL=64
Reply from 192.168.0.37: bytes=32 time=114ms TTL=64
192.168.0.37 is the Synology running NTP service. Unfortunately there is no log function, so I can't confirm the smart switches connect to the NTP service.
From the DrayTek log
192.168.0.190 DNS -> 8.8.8.8 inquire time.google.com
The device appears to bypass the DNS settings. An early reply from another member mentioned a type 65 DNS request may be the cause. Something Apple implemented. I am not clear what that actually is. Perhaps a Pi-hole could circumvent this.
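The syslog lines quoted in the thread show clients sending their queries to 8.8.8.8 and 208.67.222.222 rather than to the router. The following is an added example, not part of any post and not DrayTek code, that parses lines of that form and lists which clients in the blocked range query a resolver other than the router. The router address 192.168.0.1 and the function names are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption (not stated in the thread): the router's LAN address, the only
# resolver that applies the LAN DNS / conditional forwarding entry.
ROUTER_DNS = ipaddress.ip_address("192.168.0.1")
# Blocked IoT range as given in the first post.
IOT_FIRST, IOT_LAST = map(ipaddress.ip_address, ("192.168.0.170", "192.168.0.225"))
# Syslog form quoted in the thread: "<client> DNS -> <resolver> inquire <name>"
LINE_RE = re.compile(
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})\s+DNS\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\s+inquire\s+(?P<name>\S+)"
)

def parse_line(line):
    m = LINE_RE.search(line)
    if not m:
        return None  # not a DNS inquiry entry
    try:
        src, dst = ipaddress.ip_address(m["src"]), ipaddress.ip_address(m["dst"])
    except ValueError:  # e.g. an octet above 255
        return None
    return src, dst, m["name"].rstrip(".").lower()

def find_bypassing_clients(lines, watched_name="time.google.com"):
    """Map each IoT client to the non-router resolvers it asked for watched_name."""
    hits = defaultdict(set)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, dst, name = parsed
        if name == watched_name and IOT_FIRST <= src <= IOT_LAST and dst != ROUTER_DNS:
            hits[str(src)].add(str(dst))
    return {client: sorted(resolvers) for client, resolvers in hits.items()}

# First three lines are from the thread; the rest are constructed.
SAMPLE_LOG = [
    "192.168.0.183 DNS -> 8.8.8.8 inquire time.google.com",
    "192.168.0.181 DNS -> 208.67.222.222 inquire time.google.com",
    "192.168.0.190 DNS -> 8.8.8.8 inquire time.google.com",
    "192.168.0.200 DNS -> 192.168.0.1 inquire time.google.com",  # uses the router
    "192.168.0.50 DNS -> 8.8.8.8 inquire time.google.com",       # outside IoT range
    "192.168.0.999 DNS -> 8.8.8.8 inquire time.google.com",      # malformed address
]

if __name__ == "__main__":
    print(find_bypassing_clients(SAMPLE_LOG))
```

Clients that appear in the result never consult the router's DNS entry for time.google.com, so the override cannot change the address they receive.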
Moderators: Chris, Sami
Copyright © 2024 DrayTek