Return to FAQ List
FAQ 110: Problems with certain routersCategory: Troubleshooting
Some D-Link, Linksys, Netgear, and other consumer or home-grade devices have an option called DNS Relay or DNS Proxy and this option must be disabled
when a DNS server is inside the LAN.
Alternative firmware Tomato or
DD-WRT calls this DNS Masquerading and this option must be disabled.
When DNS Relay / DNS Proxy / dnsmasq / DNS Masquerading / DNS Forwarding is enabled the device captures all outgoing DNS traffic and directs it to the DNS server specified.
Since the DNS server specified is inside the LAN (the IP of the DNS Redirector server) DNS resolution is basically stuck in a loop and
cannot resolve out to the Internet.
Some routers are very lousy when acting as a DNS forwarder, leading to unresolved queries which results in retries which gives the impression Internet is slow or un-responsive.
Our suggestion for performance and simplicity is to never allow your firewall/router to act as a DNS forwarder.
FAQ 35 Known incompatible devices
FAQ 107 Problems with certain firewalls