7

I have a Fritz!Box 7490 residential DSL/Modem/Router by AVM.

Additionally I run a DNS server at 192.168.178.5 (actually a Pi-hole Ad Blocker) which I have set in the Fritz!Box's DHCP settings as the DNS address to be distributed via DHCP to all clients. [2]

So when clients request an IP from the Fritz!Box, they are automatically told to send DNS requests to 192.168.178.5. So far, so good.

The problem is, if this DNS server goes down (updates, reboot, anything), all clients lose the ability to resolve domains (i.e. no more internet). Therefore, I'd like to give them a secondary DNS to use in case the first is unavailable. This secondary DNS could even be the Fritz!Box itself (192.168.178.1), in which case ad-blocking won't work anymore but at least the internet access wouldn't be broken for them.

Seems easy enough, right? Well, unfortunately, the Fritz!Box GUI does not allow me to specify a secondary DNS to be distributed via DHCP (the GUI simply only has one field for one internal DNS server, whatever the reason for that might be). Elsewhere it does have fields for two external DNS servers to be used by the Fritz!Box itself if it acts as the DNS server itself, but that's not useful or relevant in my scenario (those are set to OpenDNS servers).

So, seeing as it's not possible to set a secondary DNS in the GUI, I have looked into the configuration file (which you can access by downloading a backup of the Fritz!Box and opening it in a text editor). The relevant section for the LAN DNS server is:

```
dhcpserver {
        saveinterval = 1h;
        generic {
                default_lease_time = 10d;
                max_lease_time = 13d;
        }
        lan_dns4_server = 192.168.178.5;
}
```

Does anyone know how I can add a secondary DNS server here?

I'm really desperate, and removing the whole DHCP functionality from the Fritz!Box and setting up my own DHCP server to get around the fact that the Fritz!Box can't seem to give out a secondary DNS unfortunately is not an option, as it breaks several functions of the Fritz!Box (such as the built-in VPN and others).

[2] Setting the DNS that should be given to DHCP clients is done on the web interface at "Home Network > Home Network Overview > Tab 'Network Settings' > Button 'IPv4 Addresses'" (German: Heimnetz > Heimnetzübersicht > Netzwerkeinstellungen > Schaltfläche IPv4-Adressen).

Hope you can help. Thanks.

Steve22
  • Why not set the second DNS statically on the client adapter? Or just run a separate DHCP serving application? – Tim_Stewart Mar 06 '18 at 18:04
  • I have a `6591` and cannot enter elsewhere a second DNS Server. I put in the `Dhcp Setting` of FB the Fritzbox IP as Dns and on the client the pihole ip in the [resolv env](https://askubuntu.com/questions/346838/how-do-i-configure-my-dns-settings-in-ubuntu-server) but this does not work. Maybe the pihole ip has to be set in the Fritzbox? My `dhcpserver setting` in the Fb config file is `lan_dns4_server = 0.0.0.0;` – Timo May 19 '21 at 07:30
  • Just trying to set up a new Fritzbox and have hit the same issue. Every other router I've used has the option to enter 2 DNS servers for the same reasons you stated, so mind boggling that Fritzbox doesn't allow this. I've heard the beta firmware offers more/better functionality so that seems to be my last resort before returning this device. – nickdos Sep 22 '21 at 22:24
  • I just forwarded this issue to the AVM customer support. Let's hope that we get a fix for this in some of the next versions! – Michael Jun 16 '22 at 11:45
  • Did you guys find a solution for this? I'm running into the same problem, can't set an alternative DNS server in case my local DNS server is down and as a result, when the local DNS server is down, the Internet connection is down for everyone in the local network. – IvanBernatovic Jul 03 '23 at 15:16
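
Added example, not part of the original question or its comments: DHCP carries resolvers in option 6 (RFC 2132) as a list of 4-byte IPv4 addresses, so a lease can be checked for a fallback resolver by parsing that option. The two option blobs are constructed for illustration, not captured from a Fritz!Box, and the helper names are hypothetical.

```python
import ipaddress

MAGIC_COOKIE = bytes([0x63, 0x82, 0x53, 0x63])  # RFC 2131 marker before the options
OPT_PAD, OPT_DNS, OPT_END = 0, 6, 255

def parse_options(field: bytes) -> dict[int, bytes]:
    """Walk the code/length/value options that follow the magic cookie."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(field):
        code = field[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:  # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError("truncated option header")
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value  # RFC 3396: repeated options concatenate
        i += 2 + length
    return opts

def dns_servers(field: bytes) -> list[str]:
    """Return the resolvers from option 6, in the order the server listed them."""
    raw = parse_options(field).get(OPT_DNS, b"")
    if len(raw) % 4:
        raise ValueError("option 6 length must be a multiple of 4")
    return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(0, len(raw), 4)]

def has_fallback(field: bytes) -> bool:
    """True when the lease names at least two distinct resolvers."""
    return len(set(dns_servers(field))) >= 2

def _packed(addr: str) -> bytes:
    return ipaddress.IPv4Address(addr).packed

# Constructed sample options (assumption: what a one- and a two-resolver DHCPACK would carry)
ACK = bytes([53, 1, 5])  # option 53, message type 5 = DHCPACK
SINGLE = MAGIC_COOKIE + ACK + bytes([6, 4]) + _packed("192.168.178.5") + bytes([OPT_END])
DUAL = MAGIC_COOKIE + ACK + bytes([6, 8]) + _packed("192.168.178.5") + _packed("192.168.178.1") + bytes([OPT_END])

if __name__ == "__main__":
    for name, blob in (("single", SINGLE), ("dual", DUAL)):
        print(name, dns_servers(blob), "fallback" if has_fallback(blob) else "no fallback")
```

In a captured DHCP reply the options field, starting with the magic cookie, begins at byte offset 236 of the BOOTP payload.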

2 Answers

4

Can't answer the question as given, but here's an alternative:

Let the Fritzbox hand out its own address for DNS via DHCP, as is the default. Configure the first of the two external DNS servers of the Fritzbox to be your DNS proxy (192.168.178.5), and the second your ISP's DNS server, or Google's, or whatever.

Configure your DNS proxy to use the ISP's DNS server directly.

Result: A DNS client making a DNS lookup will contact the Fritzbox. The Fritzbox will relay the lookup to your DNS proxy server. If the proxy server is down, the Fritzbox will use the ISP's DNS server.

Which should give the result you want. If the Fritzbox ever goes down, you'll have no internet, anyway, so that shouldn't be an issue.

All this assumes the Fritzbox uses the DNS server in the order given, and doesn't override them by your ISP's servers, which it may or may not do, so that needs testing.

dirkt
  • Thought of that and already tried that, as it was originally recommended in many Pihole tutorials (has since been changed). The issues are manifold: 1) Internal resolution of clients to their internal FQDN on the Pi webinterface (reverse lookups, so as to identify clients who make potentially rogue DNS requests) becomes impossible, killing some of the Pihole's appeal. 2) For unknown reasons this makes everything incredibly slow, sites can take many seconds to load now. It's apparently an issue with other routers as well, which is why it's now recommended to advertise the Pihole via DHCP. – Steve22 Mar 06 '18 at 16:16
0

Love my Fritz!Box too, but its DHCP server is fairly basic. I've added a DD-WRT router on my network and configured DNSMasq to provide more comprehensive DHCP services. Early days, but so far I've not run up against any major issues. I've blogged the details here.

Also note, Fritz!Box VPN users and site-to-site VPN are independent of the internal DHCP server. Mine still work with the Fritz!Box DHCP server off and DD-WRT DHCP server on.

Basil