LAN DNS feature is to make Vigor Router act as a DNS server which answers specific DNS queries from the LAN clients. Vigor3900, Vigor2960, and Vigor300B support three types of LAN DNS settings, IP, CNAME and FORWARD. In this document, we will talk about them separately.
Note that no matter which LAN DNS type you are going to use, it is necessary to enable DNS Redirection in the LAN profile at LAN >> General Setup first.
When type IP is selected, the router will respond to the DNS query asking for the specified domain name with an IP address configured. Type IP is commonly used when there's a web server on the internal network, and we want to force LAN hosts to access the web server by its private IP address instead of the public IP address.
To configure a LAN DNS profile with type IP, go to LAN >> LAN DNS, and then click Add:
With the above configuration, when a host from LAN 1 sends a DNS query to ask who is www.draytek.com or who is ftp.draytek.com, the router will respond it's IP is 192.168.239.13 to them directly.
When type CNAME is selected, Network Administrator does not have to specify the IP address in LAN DNS settings. The router will send a DNS query for the IP of the configured CNAME, and then respond the IP to the DNS query for the specified Domain Name. For example, suppose we want to redirect LAN clients forcesafesearch.google.com whenever they try to reach www.google.com, we may create a LAN DNS profile with type CNAME to meet the purpose.
To configure a LAN DNS profile with type CNAME, go to LAN >> LAN DNS and then click Add:
www.google.comat Domain Name
forcesafesearch.google.comin CNAME field
With the above configuration, when LAN hosts send a DNS query for www.google.com, the router will send a DNS query to the Internet for forcesafesearch.google.com first, then reply the IP address it obtained to the LAN hosts. As a result, when the LAN hosts try to access www.google.com, they will reach forcesafesearch.google.com instead.
When selecting type FORWARD, the router will forward the DNS query and response between the LAN host and the specified DNS server. For example, if there's another DNS server managing the domain name *.draytek.com on the private network (even on the remote network over VPN), we can use LAN DNS with type FORWARD to forward the DNS query to the specific DNS server in remote VPN network.
To configure a LAN DNS profile with type FORWARD, go to LAN >> LAN DNS and then click Add:
With the above configuration, when a LAN host sends DNS query to ask who is www.draytek.com or who is ftp.draytek.com, the router will forward the DNS query to DNS server 172.16.2.8; if it gets the response, it will send the answer to the LAN host.
Was this helpful?