3

OpenDNS offers quite a simple way to filter internet access by category. Of course, anyone who can get the correct IP address can easily bypass the filter, but it would be enough for my expectations.

The bigger problem is that changing the DNS provider on the client side is not a big deal.

So my question is whether it is possible to force the use of only a specific DNS provider on the local network.

The target device is a WiFi router with OpenWRT. (However, I would welcome any similarly simple-to-set-up filtering solution, but the main question is forcing the DNS provider.)

osiixy

1 Answer

6

Sure - this is a fairly standard thing to do to prevent clients from falling victim to one of the various pieces of malware that change the clients' DNS settings to point to a malicious server.

You can point clients to a local recursive resolver, then block outbound 53/tcp and 53/udp from all IP addresses on the network except for the local resolver.

EEAA
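As an added example (not part of the answer above and not OpenWrt's shipped configuration), the port 53 block the answer describes could be written like this in `/etc/config/firewall` on OpenWrt. It assumes the default `lan` and `wan` zones and a separate LAN resolver at the constructed address 192.168.1.2; the rule names are hypothetical.

```uci
# /etc/config/firewall (excerpt) - added example, values are assumptions.
# Rules are evaluated in the order they appear, so the exception for the
# resolver must come before the general reject.

# 1. Let the local resolver (constructed address) reach upstream DNS.
#    Omit this rule if the router's own dnsmasq is the resolver: queries
#    originating on the router are not forwarded lan->wan traffic and are
#    not matched by rule 2.
config rule
	option name 'Allow-DNS-from-local-resolver'
	option src 'lan'
	option src_ip '192.168.1.2'
	option dest 'wan'
	option dest_port '53'
	option proto 'tcp udp'
	option target 'ACCEPT'

# 2. Reject DNS from every other LAN host to any outside server.
#    REJECT rather than DROP makes clients with a hard-coded DNS server
#    fail quickly instead of waiting for timeouts.
config rule
	option name 'Reject-outbound-DNS'
	option src 'lan'
	option dest 'wan'
	option dest_port '53'
	option proto 'tcp udp'
	option target 'REJECT'

# Apply with: /etc/init.d/firewall restart
```

These rules cover plain DNS on port 53 only; clients using DNS over TLS (853/tcp) or DNS over HTTPS (443/tcp) are not affected by them.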