Ability to disable rebind attack prevention?

Cheezykins
3: Seeker

This feature is driving me nuts.

I run my own DNS server which has its own rebind attack prevention, but also overrides some public DNS for internal things here at home.

I can't configure the router to issue my own IPs for DNS servers via DHCP, so as far as I can see I either have to also run my own DHCP server with all of the overhead that comes with it, or stick with the router and rely on the router's built-in DNS server to forward to my internal one.

But in that case, my internal lookups to my overrides fail due to this non-configurable rebind attack protection, which is completely unnecessary!

I desperately need either a way to configure the router's DHCP server to issue whatever DNS servers I tell it to, or to disable the rebind prevention on the internal DNS server.

Is there any hope for this?
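
The failure described in the post above, as an added example that is not part of the original thread: a forwarding resolver with rebind protection typically drops any upstream reply that contains a private address unless the queried domain is exempted, which is the behaviour dnsmasq exposes through its `stop-dns-rebind` and `rebind-domain-ok` options. The domain `home.example`, the sample addresses and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: domains whose answers may legitimately be private
# addresses (hypothetical name, same idea as dnsmasq's rebind-domain-ok).
ALLOWED_LOCAL_DOMAINS = {"home.example"}


def is_rebind_suspect(addr):
    """True for addresses a public name should never resolve to."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:192.168.1.10) so it cannot slip past.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback
            or ip.is_link_local or ip.is_unspecified)


def domain_allowed(qname, allowed=ALLOWED_LOCAL_DOMAINS):
    """Match the domain itself or a subdomain, on label boundaries only."""
    name = qname.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in allowed)


def filter_upstream_answer(qname, answers):
    """Return the answers to pass to the client, or [] if the reply is dropped."""
    if domain_allowed(qname):
        return list(answers)
    if any(is_rebind_suspect(a) for a in answers):
        # Drop the whole reply, not only the private records: a mixed
        # public/private answer set is a common rebinding shape.
        return []
    return list(answers)


if __name__ == "__main__":
    # Constructed queries: an internal override, then the same answer
    # arriving for a name that is not on the exemption list.
    print(filter_upstream_answer("nas.home.example", ["192.168.1.10"]))
    print(filter_upstream_answer("nas.public.example", ["192.168.1.10"]))
```

Without the exemption list, the internal override is indistinguishable from a rebinding reply, which is why a non-configurable filter breaks split-horizon names.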

6 REPLIES

Ripshod
16: Advanced member

With more exotic installs, and with the dumbing down of the router, it's often advantageous to use your own router. 

Cheezykins
3: Seeker

Yeah but that's like £200+ for a compatible one, this shouldn't be so difficult for something as "exotic" (read, fundamentally basic) as DNS or DHCP configuration.

The additional overhead from running DHCP on your server should be pretty minimal - DHCP, just like DNS, is not usually a CPU hog! When it comes to exotic, that is pretty much anything that the average user is not going to be doing! Pi-Hole for example is perfectly happy running on a Pi-Zero even with the DHCP function in use!

Cynric
16: Advanced member

I'd echo the comment about PiHole. I have it running in a Pi version 3 serving DNS, DHCP and DNS blacklist without any issues.

Ahh you're right, I'm just getting frustrated with it, I'll have a fiddle with dnsmasq tomorrow evening, probably not a good idea to potentially (temporarily) trash my home network right before bed!

CrimsonLiar
16: Advanced member

Personally, I try to take a light touch regards DHCP, so I only have one device with a manual IP address (set on the device), everything else I may need to access can be accessed via a hostname (again set on the device, not the router).