Single DNS server with AdGuard

Hi there,

I have a question about the Brume2 (GL-MT2500).

What I have:

  • Fritzbox with DHCP
  • a lot of Clients (fixed and dynamic IP)

What I want:

  • use my GL-MT2500 as DNS (IPv4 & IPv6) with a single NIC
  • use AdGuard
  • keep DHCP on my Fritzbox
  • name resolution on the GL-MT2500 for internal Clients, so I see my clients in the logs

What I do not want:

  • change something on my current network
  • use DHCP of the GL-MT2500

What are the basic settings to do all the above?

  • use only WAN port
  • as far as I understood, I need to set up the drop-in gateway function on the GL-MT2500
  • change the DNS servers on the Fritzbox to query the GL-MT2500 and to send them via DHCP
  • activate IPv6

But what do I have to set up so that I get the local clients resolved in the AdGuard logs?
I always get a warning that I should switch the DHCP from the Fritzbox to the GL-MT2500, which I do not want to do.

Thanks Wolf

On Brume2:
Network Firewall: open UDP port 53.

On Fritzbox:
Set up DHCP option 6 for the DNS server.

Hi hansome,

I opened the firewall port on Brume2.
On a Fritzbox it’s not directly possible to edit option 6 of DHCP but I found the setting so that the DNS server is spread to the clients. I can confirm that the clients get the Brume2 as DNS Server via DHCP.

But I only see 127.0.0.1 on the Brume2 in the AdGuard logs.
I did configure the private inverse server on AdGuard like this:

192.168.77.240
fd00:de49:6666:1515:de39:6fff:fec1:1ad0
[/77.168.192.in-addr.arpa/]192.168.77.240
[/d.f.ip6.arpa/]192.168.77.240

All the above addresses are my Fritzbox, which does the DHCP.

Any idea how I get the local clients resolved correctly?

I didn’t configure this. This may not be needed.

You can run a command on one of the DHCP clients of the Fritzbox to confirm.
E.g.,
Fritzbox(192.168.77.240)
PC(192.168.77.10)
Brume2 WAN(192.168.77.11)

Run the command on the PC:

nslookup google.com 192.168.77.11

Then the Brume2 AdGuard page will show that DNS query.

The command gets this reply:

nslookup google.com 192.168.77.11
Server: GL-MT2500.lan
Address: 192.168.77.11

Nicht autorisierende Antwort:
Name: google.com
Addresses: 2a00:1450:4001:828::200e
142.250.185.142

But my AdGuard shows me the attached picture in its logs.

If the query (google.com) shows up on that page, then it’s normal. My test is like: