[SOLVED] Questions about DHCP/DNS and WAN interface compared to OpenWRT

Software SW help
, , ,
1

Hello together,
I am currently configuring my new Turris Omnia Wifi 6 in the same way as my previous OpenWRT router.
The Turris reForis GUI is completely new to me. So far I have only been using Luci in the past in OpenWRT.

The following points are not quite clear to me at the moment:

  • DHCP:
    In OpenWRT (Luci) I have an option “DNS forwardings”. I cannot find this in Turris OS in the Luci GUI. But I guess this is the same as in reForis GUI under DNS right?
  • DNSSEC:
    DNSSEC is apparently activated in reForis. If I look in Luci under “DCHPC and DNS” on the “DNSSEC” tab, no checkmark is activated there. Does this check mark have to be set additionally or does it have no function?
  • WAN Interface:
    I had previously configured “Use custom DNS servers” in the WAN interface. Is this also still necessary in Turris via Luci or is this also maintained via reForis under “DNS Settings”?

It’s just not clear to me yet what should be maintained in reForis and what in Luci or Shell.
As far as the points mentioned are concerned, it is simply important to me that DNSSEC is configured correctly and that the Turris OS itself uses the DNS servers I want and not those of the provider.

2

That tab does nothing with DNS on Turris. It’s from upstream OpenWrt and designed to only control dnsmasq which is not used for DNS on Turris OS.

1 Like
3

General rule of thumb: use reForis for as much as possible. Use something else only when you know what you’re doing.

2 Likes
4

That makes sense, thank you very much. What is used instead of dnsmasq in Turris?

5

https://knot-resolver.cz except for original Turris 1.x which had https://unbound.net

1 Like
6

dnsmasq is still used for DHCP.

1 Like
7

Ok, then could I activate the DNSSEC in Luci on DHCP so that it will also using for DHCP or what do you think? Is this not necessary?

8

There’s no DNSSEC in the DHCP protocol.

1 Like
9

Ok one last question just to be sure :blush:
My point DHCP and DNSSEC I think this is more clearer for me now. The third point “WAN”. This is as I aspected or? This option is better to set about reForis “DNS” right?

10

Yes, in reForis “DNS” tab. Though I think in its WAN tab you can also override what your ISP’s DNS resolvers are and then choose in “DNS” tab to use those. But in the DNS tab you can choose whatever anyway.

1 Like
11

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.