I have a GL.iNet Opal modem and am trying to set up conditional DNS forwarding for my SmartDNS service. This is used to access a streaming service from abroad.
I'm not sure if DNS forwarding is broken with GL.iNet or if I'm doing something wrong, but here are 3 cases:
Case 1:
In LuCI I set up the DNS forwards as:
DNS1: /example.com/123.123.123.123 (SmartDNS provider, to be used only for example.com)
DNS2: 1.1.1.1 (DNS to be used for everything else)
My expectation is that only DNS1 would be used for example.com. DNS2 would never be used. However, when I go to example.com, the website recognises me as being abroad, meaning that DNS2 is used.
Case 2:
DNS1: 123.123.123.123
DNS2: 1.1.1.1
My expectation is that DNS2 is only used if DNS1 is down. However, DNS2 is always used (perhaps because the router sees that it's faster and prioritises speed?). When I go to example.com it sees that I'm abroad.
Case 3:
DNS1: 123.123.123.123
DNS2: BLANK
This works as expected. The router correctly uses DNS1 and when I visit example.com, the SmartDNS correctly fakes a local connection and example.com shows what I need to see.
Did I miss something or is my understanding of DNS forwarding wrong?
But DNS does not have a failover priority the way you expected it.
How a second DNS works is:
If one DNS is certainly faster, that DNS gets used indiscriminately, meaning it does not know about a DNS 1 or DNS 2 order; it can just be using the second DNS.
It does indeed fail over when a DNS is offline, but it has no order for doing so.
Also it's worth mentioning that browsers often also leverage their own DNS resolver, which can interfere with testing, but it seems that is not the issue here.
Thanks for your reply. Yes that makes sense and explains case2.
However, what about case 1? I want example.com to ONLY use DNS1 and never DNS2. If DNS1 is down, then the address should not be resolvable. Is this possible? That is the whole purpose of conditional DNS forwards, but it doesn't seem to work.
BTW, I did activate the option to override all client DNS.
I did and it's not working, which is why I'm posting here for help. See "case 1" from my OP. Only case 3 is working as expected; cases 1 and 2 are not working as I would expect (though case 2 has been explained and clarified by xize11).
It is because it uses 1.1.1.1; there is no priority here, Cloudflare just resolves faster than the local DNS.
If the /example.com/123.123.123.123 does not work even after an `ipconfig /flushdns` and clearing the host cache at chrome://net-internals/#dns, your browser is bypassing the DNS. Even if the router overrides DNS, you need to disable Secure DNS in the browser, because the browser bypasses it with its own DoH resolver.
Keep in mind that 'unknown' is still a valid response. This is not the same as no answer, which leads to a fallback.
Why should the system switch to DNS2 if the first one says the domain name is not known?
DNS is built as a hierarchy. If DNS1 (local) can't resolve the domain name it should forward the request to DNS2 (public).
If the response is 'unknown', there is no need to ask another DNS from the client side.
Plus the already mentioned race condition. DNS is really fast: around 20 to 120 milliseconds for an answer. After 2 seconds it asks again, after 4 seconds again, and after 8 seconds in total the request dies. That's the default; it can be configured.
And it is UDP, there is no handshake, so the client does not know if the server is down or just slow. After 8 seconds the answer will (should) be ignored.
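The behaviour described across this thread (the OP's three cases, the "fastest server wins" point, and the "NXDOMAIN is a valid answer, not a fallback trigger" point) can be made concrete with a small model of how dnsmasq picks an upstream. This is an added example written for this thread, not code from the thread, from GL.iNet or from dnsmasq itself. It assumes that the LuCI "DNS forwardings" entries become dnsmasq `server=` lines (true on stock OpenWrt; assumed to be the same on the GL.iNet firmware), and it simplifies dnsmasq's real server-selection logic to three documented rules: a `server=/domain/ip` entry captures that domain and its subdomains (longest match wins, and only those servers are asked); servers without a domain form a general pool that, without `strict-order`, is picked by speed; and an NXDOMAIN reply is final. All addresses, latencies and answers are constructed sample data.

```python
# Added example (not from the thread): a simplified model of how dnsmasq,
# the resolver behind the LuCI "DNS forwardings" field, chooses an upstream
# for a query. Assumed rules, taken from dnsmasq's documentation:
#   * "server=/domain/ip" applies to that domain and all its subdomains;
#     the longest matching domain wins, and only those servers are asked.
#   * Servers with no domain form a general pool. Without "strict-order"
#     dnsmasq favours the server that has been answering fastest, so any
#     of them may be used; with "strict-order" they are tried in order.
#   * An NXDOMAIN ("unknown") reply is a final answer and is not retried
#     on another server; only an unreachable server is skipped.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Upstream:
    address: str
    domain: Optional[str]  # None means "general" (no domain restriction)


def parse_server_lines(lines):
    """Parse dnsmasq 'server=' lines, e.g. 'server=/example.com/123.123.123.123'."""
    upstreams = []
    for raw in lines:
        line = raw.strip()
        if not line.startswith("server="):
            continue
        value = line[len("server="):]
        if value.startswith("/"):
            _, domain, address = value.split("/", 2)
            upstreams.append(Upstream(address, domain.strip(".").lower()))
        else:
            upstreams.append(Upstream(value, None))
    return upstreams


def _matches(qname, domain):
    return qname == domain or qname.endswith("." + domain)


def candidate_upstreams(upstreams, qname):
    """Servers that may be asked for qname: most specific domain match, else the general pool."""
    qname = qname.lower().rstrip(".")
    specific = [u for u in upstreams if u.domain is not None and _matches(qname, u.domain)]
    if specific:
        longest = max(len(u.domain) for u in specific)
        return [u for u in specific if len(u.domain) == longest]
    return [u for u in upstreams if u.domain is None]


def resolve(upstreams, qname, latency_ms, answers, strict_order=False):
    """Return (server_used, answer).

    latency_ms: address -> measured round-trip in ms, or None if the server is down.
    answers:    address -> {qname: ip}; a name missing from the table means NXDOMAIN.
    answer is an IP string, "NXDOMAIN", or None when no candidate server is reachable.
    """
    qname = qname.lower().rstrip(".")
    up = [u for u in candidate_upstreams(upstreams, qname) if latency_ms.get(u.address) is not None]
    if not up:
        return None, None  # every eligible server is down: the name is simply unresolvable
    chosen = up[0] if strict_order else min(up, key=lambda u: latency_ms[u.address])
    # NXDOMAIN is a valid reply, so there is no second attempt on another server
    return chosen.address, answers.get(chosen.address, {}).get(qname, "NXDOMAIN")


# Constructed sample data standing in for the thread's two servers.
SMARTDNS, CLOUDFLARE = "123.123.123.123", "1.1.1.1"
ANSWERS = {
    SMARTDNS: {"example.com": "10.0.0.1", "www.example.com": "10.0.0.1"},  # constructed proxy address
    CLOUDFLARE: {"example.com": "203.0.113.5", "example.org": "203.0.113.6"},  # constructed
}
LATENCY = {SMARTDNS: 80, CLOUDFLARE: 20}  # constructed: Cloudflare answers faster

CASE1 = parse_server_lines(["server=/example.com/123.123.123.123", "server=1.1.1.1"])
CASE2 = parse_server_lines(["server=123.123.123.123", "server=1.1.1.1"])
CASE3 = parse_server_lines(["server=123.123.123.123"])

if __name__ == "__main__":
    for label, cfg in (("case 1", CASE1), ("case 2", CASE2), ("case 3", CASE3)):
        for name in ("example.com", "www.example.com", "example.org"):
            print(label, name, resolve(cfg, name, LATENCY, ANSWERS))
    print("case 1, NXDOMAIN is final:", resolve(CASE1, "missing.example.com", LATENCY, ANSWERS))
    print("case 1, SmartDNS down:", resolve(CASE1, "example.com", {SMARTDNS: None, CLOUDFLARE: 20}, ANSWERS))
    print("case 2, strict-order:", resolve(CASE2, "example.com", LATENCY, ANSWERS, strict_order=True))
```

Under this model case 1 sends example.com and its subdomains only to 123.123.123.123 and everything else to 1.1.1.1, and if 123.123.123.123 is down the name is unresolvable rather than falling back, which is the behaviour the OP asked for; case 2 goes to whichever general server is fastest unless `strict-order` is set (on OpenWrt the `strictorder` option under `config dnsmasq` in /etc/config/dhcp). If the configured forward in case 1 is in place and the site still sees the client abroad, the query is not reaching dnsmasq at all, which points at the browser-side DoH bypass mentioned earlier rather than at server selection.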