Jeff Abrahamson on 3 Sep 2006 20:24:50 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] linksys router mucks with dns


I purchased a linksys router yesterday ($40 at staples, does
802.11[bg], routes DSL to NAT'ed network, includes dhcp server, has 4
port hub, seems like a good deal).

The installation instructions had a bunch of errors, including bad
links on the install CD.  But ultimately it was easy once I figured it
out: connect to an inside port, get a dhcp lease, and http to
http://www.routerlogin.net/.  It seems reasonable that the unsetup
router offers dhcp leases with it as dns and then resolves that dns
query.

The odd thing is that, now that the router is set up, my regular
machine resolves routerlogin.net and www.routerlogin.net to the
router.  But how can that be?  The router isn't my dns server.

I'm curious, first, how the router is likely intercepting such
queries, and, second, how to decide whether I can trust my router on
other matters if it is willing to do such things as this.  (The second
is probably unanswerable by mortals, but seems worth asking.)

I am on 192.168.0.7, where I designate myself as DNS:

    jeff@astra:~ $ cat /etc/resolv.conf
    search purple.com
    nameserver 192.168.0.7
    jeff@astra:~ $

Querying DNS about routerlogin.net goes to root servers and comes back
immediately with a private address!  (This is not what happens on a
network without this router.)  So the router is not network neutral.
This feels like a small bit of insidious evil on the part of linksys,
since they don't document exactly when they plan not to pass my bits
as I expect.  Am I being unreasonable?

    jeff@astra:~ $ dig routerlogin.net

    ; <<>> DiG 9.3.2 <<>> routerlogin.net
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46799
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;routerlogin.net.               IN      A

    ;; ANSWER SECTION:
    routerlogin.net.        3       IN      A       192.168.0.254

    ;; AUTHORITY SECTION:
    net.                    110943  IN      NS      L.GTLD-SERVERS.net.
    net.                    110943  IN      NS      M.GTLD-SERVERS.net.
    net.                    110943  IN      NS      A.GTLD-SERVERS.net.
    net.                    110943  IN      NS      B.GTLD-SERVERS.net.
    net.                    110943  IN      NS      C.GTLD-SERVERS.net.
    net.                    110943  IN      NS      D.GTLD-SERVERS.net.
    net.                    110943  IN      NS      E.GTLD-SERVERS.net.
    net.                    110943  IN      NS      F.GTLD-SERVERS.net.
    net.                    110943  IN      NS      G.GTLD-SERVERS.net.
    net.                    110943  IN      NS      H.GTLD-SERVERS.net.
    net.                    110943  IN      NS      I.GTLD-SERVERS.net.
    net.                    110943  IN      NS      J.GTLD-SERVERS.net.
    net.                    110943  IN      NS      K.GTLD-SERVERS.net.

    ;; Query time: 6 msec
    ;; SERVER: 192.168.0.7#53(192.168.0.7)
    ;; WHEN: Sun Sep  3 16:14:30 2006
    ;; MSG SIZE  rcvd: 270

    jeff@astra:~ $

-- 
 Jeff

 Jeff Abrahamson  <http://jeff.purple.com/>          +1 215/837-2287
 GPG fingerprint: 1A1A BA95 D082 A558 A276  63C6 16BF 8C4C 0D1D AE4B

Attachment: signature.asc
Description: Digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug