Bypassing 8.8.8.8 DNS Lookups on the Internal Network

  1. Create an alias
    Go to Firewall > Aliases
    Add a new alias
    Name – LocalResolver (anything will do)
    Type – Host(s)
    Now in Host(s) add IP 127.0.0.1 so it always uses the local DNS resolver
    Save this
  2. Change the route
    Go to Firewall > NAT
    Add a Port Forward (the first tab)
    Protocol: TCP/UDP
    Interface: LAN
    Destination: select DNS
    Source: any
    Redirect Target IP: LocalResolver (or the name you gave to the alias)
    Redirect port – DNS (53)
    Save this
  3. Apply the changes
  4. Test using nslookup
    steve@goat ~/Videos/Dance/Salsa $ nslookup www.bbc.co.uk 8.8.8.8
    Server: 8.8.8.8
    Address: 8.8.8.8#53
    Name: www.bbc.co.uk
    Address: 104.250.101.87
    steve@goat ~/Videos/Dance/Salsa $ nslookup www.bbc.co.uk
    Server: 127.0.1.1
    Address: 127.0.1.1#53
    Non-authoritative answer:
    Name: www.bbc.co.uk
    Address: 104.250.101.87

    So you can see that there is no difference between the local resolver (which uses a Smart DNS lookup) and 8.8.8.8.
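The step 4 test returns the same address whether or not the rule is active, so a stricter check is to send the query to an address that runs no DNS server: an answer can then only have come from the firewall's resolver. The script below is an added example, not part of the original post. It assumes the port forward matches any destination address on port 53, uses 192.0.2.1 (reserved documentation range, RFC 5737) as the dead address, and its function names and sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): decide from nslookup output
# whether the LAN port-forward rule is intercepting DNS queries.

# Print the answer addresses found in nslookup output on stdin. The "Address:"
# line under "Server:" comes before any "Name:" line, so it is skipped.
answers() {
    awk '/^Name:/ { seen = 1; next }
         seen && /^Address/ { print $2 }' | sort -u
}

# verdict PROBE_OUTPUT LOCAL_OUTPUT
#   PROBE_OUTPUT: nslookup output for a query sent to a non-DNS address
#   LOCAL_OUTPUT: nslookup output for the same name via the default resolver
verdict() {
    probe=$(printf '%s\n' "$1" | answers)
    local_=$(printf '%s\n' "$2" | answers)
    if [ -z "$probe" ]; then
        echo "not-redirected"      # nothing answered for the dead address
    elif [ "$probe" = "$local_" ]; then
        echo "redirected"          # the local resolver answered in its place
    else
        echo "answered-differs"    # something answered; compare by hand
    fi
}

# Constructed sample outputs in the format shown in step 4.
SAMPLE_PROBE='Server: 192.0.2.1
Address: 192.0.2.1#53
Non-authoritative answer:
Name: www.bbc.co.uk
Address: 104.250.101.87'
SAMPLE_LOCAL='Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: www.bbc.co.uk
Address: 104.250.101.87'
SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'

# Live use from a LAN client: sh check.sh --live www.bbc.co.uk
if [ "${1:-}" = "--live" ]; then
    name=${2:-www.bbc.co.uk}
    verdict "$(nslookup "$name" 192.0.2.1 2>&1)" "$(nslookup "$name" 2>&1)"
fi
```

A result of answered-differs does not by itself mean the rule failed, since names served from several addresses can return different records on consecutive lookups.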
