Info in this article can be found in EdgeRouter – DNS Forwarding Setup and Options
I have Google Fiber for Internet. $70/month for symmetric gigabit is a good deal. Speeds are consistent and service is reliable. But I don’t want to give Google the data of my DNS lookups, especially since it is so easily related to my personal information, now that they are my ISP. Here’s how I configured my EdgeRouter-X to avoid Google’s name servers.
I use the EdgeRouter as a forwarding DNS service. All clients query the EdgeRouter first. The EdgeRouter either replies from cache, or forwards the request on. Forward the request where? By default it forwards it on to the DNS server provided by the ISP. I like the forwarding setup, but I just want to forward to a different DNS server.
Your configuration may be different. Here’s my configuration that sets this up. This configures the dhcp server to tell the clients to send all DNS queries to the EdgeRouter.
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server 192.168.1.1
One way to set a custom name server is to change the name server which is handed out to your DHCP clients. For example:
set service dhcp-server shared-network-name LAN subnet 192.168.1.0/24 dns-server 1.1.1.1
I went a different route. I set the system name servers, then configured the DNS forwarder to forward using the system name servers, not the name servers obtained from the ISP.
set system name-server 1.1.1.1
set system name-server 1.0.0.1
set system name-server '2606:4700:4700::1111'
set system name-server '2606:4700:4700::1001'
set service dns forwarding system
Confirm your settings. Here’s my output, with the Google nameservers not configured for forwarding.
admin@ubnt$ show dns forwarding nameservers
-----------------------------------------------
Nameservers configured for DNS forwarding
-----------------------------------------------
1.1.1.1 available via 'optionally configured'
1.0.0.1 available via 'optionally configured'
2606:4700:4700::1111 available via 'optionally configured'
2606:4700:4700::1001 available via 'optionally configured'
-----------------------------------------------
Nameservers NOT configured for DNS forwarding
-----------------------------------------------
8.8.8.8 available via 'dhcp eth0'
8.8.4.4 available via 'dhcp eth0'