Router Still Adding Local DNS to Clients

3thor · ‎08-07-2016

I set up my router Actiontec C2100T to use 208.67.222.222 as primary DNS and 208.67.220.220 as the secondary but on all of my connected devices, ethernet and wireless, the 3 DNS that show are 192.168.0.1, 192.168.0.1, and 208.67.220.220. I have tried flushing the DNS on all of my devices and even upgrading the firmware on the router and rebooting. Anyone ideas?

mattwilson9090 · ‎08-07-2016

Some routers always override or simply ignore settings such as DNS servers in DHCP. Others "backfill" ISP DNS addresses if you haven't filled in every DNS "slot" that they list. If they have more than two openings fill in the "additional" OpenDNS addresses of 208.67.222.220 and 208.67.220.222

This is another reason why it's recommended to set the WAN DNS address to OpenDNS (thus locking out the ISP's addresses) and let DHCP continue to point to the router. There are architectural and performance reasons for this, rather than pointing each machine directly to OpenDNS.

3thor · ‎08-07-2016

There are only two available entries for the DNS addresses in my modem's settings. It's a Century Link modem btw.

I'm not seeing any options for the WAN DNS address. The only close ones I'm seeing are modem IP address and DHCP beginning and ending addresses.

mattwilson9090 · ‎08-07-2016

Aw, I didn't realize it was a router from your ISP. It may not matter what you do since many ISP's routers can be extremely restrictive or even seem to ignore settings, especially DNS settings.

When you say there are only two available entires for the DNS addresses I'm assuming that it's in the DHCP settings.

You might try contacting your ISP, but I doubt that will be very productive.

If memory serves correctly some models of Actiontec that some ISP's use "hide" the WAN ISP settings in other parts of the firmware. You might have luck with "advanced settings" or similar things, but you might not find anything.

Another option, one that I recommend is to get your own router, then connect that to your ISP's router. You'll be able to configure everything, including WAN DNS settings so you don't have to pass DNS via DHCP, but there are a number of other advantages to doing that. You should be able to get a good one for $50-$75, and in the long term it will prove to be a very good investment. Depending on what you get you could get one that allows you to load 3rd party firmware, I'd pursue that particular option if you fit into the category of "computer hobbyist" or are some sort of IT professional.

3thor · ‎08-07-2016

Yup, modem, router, access point 3 in 1 from the ISP. Unfortunately it must be hidden from me entirely.

I will have to look into that. Although AC routers are still more expensive (I have fiber luckily) and at one point I thought of building my own. Building my own would be more expensive I think, but would allow more flexibility and insight into what traffic is coming from where and allow for things like malware protection on the router. Some 3rd party firmware on a commercial router may allow that even.

Thanks for all of your help! You may have convinced me to look into an AC router for my place. The 3 in 1 is broadcasting 1/5 of the speed that I get over Ethernet; so not great, especially since I'm paying for it.

mattwilson9090 · ‎08-07-2016

You don't necessarily need to get an 802.11ac router. Unless you have ac capable devices that are capable of taking advantage of that raw speed an 802.11n router is more than adequate, especially since ac is still evolving.

Anything that provides malware filtering at the "router" level is going to be more expensive, either because you'll need PC hardware running one of the free solutions, or you'll be stepping into the realm of a UTM or NGF rather than a "simple" router. 3rd party firmware can provide pretty much all of the routing features that those can, they just can't provide the additional features that would differentiate a router/firewall (stateful packet inspection) from a UTM or NGF

kmmatney · ‎04-05-2017

Did this ever get sorted out? I'm in the same boat - exact same issue. I do have a Netgear Nighthawk R7000 router than I can use (and was using before with Comcast) but I haven't been able to get Bridge mode working on my C2100T modem. I did use this same router int eh past with centurylink, but back then the protocol was PPoE. My new Centurylink modem uses IPOE to logon. This should make things easier, but I haven't been able to get briding to work (I enabled VLAN tagging on my R7000, set set 201, but still won't work).

rotblitz · ‎04-05-2017

This does not seem to be OpenDNS related, so help will most likely not be provided here. Your best bet is to visit Netgear and Centurylink forums or at least modem/router specific forums. This is where the nerds are, not here.

drew.thor · ‎06-22-2017

I ended up getting a AC3100 and then I could set the DNS myself without it being overriden

kmmatney · ‎06-27-2017

I was able to get my C2100T in bridge mode, and the OpenDNS servers are now working again with my R7000 router. The only way is to use a separate router - the Centurylink modem simply ignores whatever DNS server you set it to.