You are not logged in.

#1 2013-01-30 01:59:47

fixles
Member
Registered: 2012-09-15
Posts: 101

OpenDNS, dnsmasq and google queries

Hi,

Last night I installed dnsmasq and started to use opendns servers to see if it made my internet any quicker. Everything is working fine except the redirects to opendns website-unavailable.com when searching in the address bar in firefox.

The wiki says add this to /etc/dnsmasq.conf server=/www.google.com/<ISP DNS IP> which I have done and tested it with dig.

I restarted dnsmasq and it has picked up the change but website-unavailable.com is still appearing. Does anyone know if there is anything else I need todo or if there is an updated fix for this?

[root@laptop]# systemctl status dnsmasq
dnsmasq.service - A lightweight DHCP and caching DNS server
	  Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled)
	  Active: active (running) since Wed 2013-01-30 01:43:40 GMT; 11s ago
	    Docs: man:dnsmasq(8)
	 Process: 9788 ExecStartPre=/usr/bin/dnsmasq --test (code=exited, status=0/SUCCESS)
	Main PID: 9792 (dnsmasq)
	  CGroup: name=systemd:/system/dnsmasq.service
		  └─9792 /usr/bin/dnsmasq -k --enable-dbus --user=dnsmasq --pid-file

Jan 30 01:43:40 laptop dnsmasq[9792]: DBus support enabled: connected to system bus
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 194.168.4.100#53 for domain www.google.co.uk
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 194.168.4.100#53 for domain www.google.com
Jan 30 01:43:40 laptop dnsmasq[9792]: reading /etc/resolv.conf
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 208.67.220.220#53
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 208.67.222.222#53
Jan 30 01:43:40 laptop dnsmasq[9792]: ignoring nameserver 127.0.0.1 - local interface
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 194.168.4.100#53 for domain www.google.co.uk
Jan 30 01:43:40 laptop dnsmasq[9792]: using nameserver 194.168.4.100#53 for domain www.google.com
Jan 30 01:43:40 laptop dnsmasq[9792]: read /etc/hosts - 2 addresses

Thanks

Offline

#2 2013-01-30 02:09:15

roentgen
Member
Registered: 2011-03-15
Posts: 89

Re: OpenDNS, dnsmasq and google queries

If you have dnsmasq is opendns really needed?

edit: seems dnsmasq is just a forwarder.

You might want to look at unbound which is a caching dns server (also with the option to forward dns).

Last edited by roentgen (2013-01-30 02:11:16)

Offline

#3 2013-01-31 02:09:17

hunterthomson
Member
Registered: 2008-06-22
Posts: 794
Website

Re: OpenDNS, dnsmasq and google queries

Hum, the Arch Wiki seems to day that OpenDNS will grab "All" Google searches? Is that the problem you are having? Or, it is only sending unknown urls to website-unavailable.com? Like if you put kjosaidufa8sa9uf in the url bar in FireFox it sends you to the OpenDNS search instead of Google.com?

Anyway, if you use Google's Public DNS any unfound url will result in a Google search.

8.8.8.8
8.8.4.4

....rant...
Personally, I use unbound@127.0.0.1 --> dnscrypt-proxy@127.0.0.2 --> OpenDNS
Then I use StartPage instead of Google directly.
I don't want Google to have a permanent record of everything I do online. I also don't use gmail, Facebook, or Twitter. I use tormail.org and IRC over Tor with Weechat.

Last edited by hunterthomson (2013-01-31 02:13:58)


OpenBSD-current Thinkpad X230, i7-3520M, 16GB CL9 Kingston, Samsung 830 256GB
Contributor: linux-grsec

Offline

#4 2013-01-31 11:21:21

R00KIE
Forum Moderator
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 3,218

Re: OpenDNS, dnsmasq and google queries

roentgen wrote:

edit: seems dnsmasq is just a forwarder.

Dnsmasq also does caching.


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#5 2013-06-05 01:48:28

ckollars
Member
Registered: 2013-06-05
Posts: 1

Re: OpenDNS, dnsmasq and google queries

...see if it made my internet any quicker...

Possible speedup depends on the quality of your existing ISP DNS service. Some (not all) ISPs provide very good DNS service, and the public DNS services won't do much better.

It also depends on how little or how much caching is done by the local resolver code in your runtime library. 

(Note the commonly referenced `ping` test does not measure actual DNS speed. What it does is measure how fast an empty packet can make the round trip from you to the server and back. To actually measure DNS speed, you'll need to actually perform a real DNS operation. Some variant of `time dig ...` will probably be useful [be sure to prevent local and in-network caches fom making hooey out of your results though:-].)

If you have dnsmasq is opendns really needed?

Yes, they serve different purposes.

`dnsmasq` caching responds to the second DNS request locally, and keeps repeat DNS requests off your wire. This can speed up some dumb applications substantially (especially if the local resolver code in your runtime library doesn't do much caching). However for smart applications like FF that do a lot of their own internal caching it may not make much difference.

OpenDNS provides a "filtered" DNS service. For example if you send it a request for a domain name it knows to be a phishing site, it can be configured to send you back a normal-looking DNS response that in fact contains a bogus IP address. As a result the bad site is not reachable, neither out front where you can see it, nor under the covers in the background. (This behavior is similar to what the proposed SOPA/PIPA legislation that caused to much uproar in 2012 would have done  ...except here it's an option you can control or circumvent, not something baked right into the underlying system so you have no recourse.)

(In some cases OpenDNS also provides significantly faster DNS lookups behind the cache provided by `dnsmasq`. When this happens, the use of `dnsmasq` and the use of OpenDNS will provide a double speedup, more than either technology alone could do. However, as noted above, in many cases OpenDNS will not be significantly faster, and in those situations it will mainly provide "filtering".)

-----

...also see http://www.ckollars.org/dns-intercepting.html

Offline

#6 2013-06-05 04:22:34

fukawi2
Forum Moderator
From: .vic.au
Registered: 2007-09-28
Posts: 5,283
Website

Re: OpenDNS, dnsmasq and google queries

Welcome to our forums ckollars. This is bordering on necro posting which is against our forum rules, but your first post is of good quality so I won't close this but please be mindful of resurrecting the dead wink

Offline

Board footer

Powered by FluxBB