OpenDNS on OpenWRT (with my Linksys router)
posted by: Ralf Rottmann | posted @ Sunday, June 08, 2008 11:46 PM | View blog reactions

 

I recently stumbled upon OpenDNS, a service reviewed and recommended by Scott Hanselman and others. After having conducted some speed tests, I decided to switch to OpenDNS. As a positive byproduct OpenDNS allows me to enforce parental control for my 8-years old sun by allowing me to define black- and whitelists.

My setup is a Linksys WRT54G/GS/GL with OpenWrt White Russian (with X-Wrt Extensions 0.9). I assume the below instructions will work on most other versions of OpenWrt, too, without requiring modifications.

The OpenDNS web site is a great web design example. It's straight forward, appealing and at the same time easy to use. Unfortunately even though it offers forums, technical support and a knowledge base, I was unable to get help setting up OpenDNS for my wireless home network. A Google search revealed that quite a few others seem to have struggled with getting OpenDNS up and running on routers running OpenWrt. So I decided to explain what I've done to get it working. Here's my guide - use at your own risk!

I'm assuming that you know how to log into your router and can execute basic Linux commands.

First things first: Sign up!

Before we get any further, I'd recommend to sign up for a free OpenDNS account. While you can use OpenDNS without an account, in order to enjoy the advanced features - like statistics, etc. - you've got to sign up. So go ahead:

Use OpenDNS

(In case the smart button above says "YOU'RE USING OpenDNS! Sweet!" you can close this blog post - somebody already set up OpenDNS for you!)

Add a Network

Log into OpenDNS and navigate to your Dashboard. Select Networks.

image

OpenDNS usually automatically recognizes your current external IP address. So the next page will look something like this:

image

Assign a speaking name to your new network and click ADD THIS NETWORK. Note: Your external IP address very likely is a dynamic IP address, which means you get a different external IP address whenever you reconnect to your ISP. Don't worry. We'll take care for this in a bit. In order to activate dynamic IP address usage for a given network, you first have to create one. So first create a new network with this static entry as described here, and continue to follow my guide.

You might want to upload a logo for your newly created network. OpenDNS allows you to redirect users to a custom "Domain not found" page. The logo you upload gets used on this and other custom pages. Click the Networks tab on your Dashboard. Select the wrench to access the network's settings:

image

Select Set Up a Dynamic IP:

image

Check the Enable dynamic IP update checkbox and click Apply.

image

Configure your router to use OpenDNS DNS servers

In a default configuration your router gets its external (dynamic) IP address and the addresses of your ISPs DNS servers once it connects. However, we want it to use the OpenDNS name servers, 208.67.222.222 and 208.67.220.220. In order to set this up, SSH into your router. Change the directory to /etc/init.d. You should find the start script for the dnsmasq service.

image

Open the start script for editing. (vi S60dnsmasq will do it.)

Go to the bottom of the file and delete the line which says nameserver 127.0.0.1. (In vi move the cursor anywhere inside this line and hit the d-key twice.)

Add two lines pointing to the OpenDNS name servers. (In vi change to Insert mode by hitting the i-key.)

image

Save the modified start script.

Sending your dynamic IP address to OpenDNS

For whatever reason at the time of this writing there seems to be now extension for OpenWrt that allows to configure automatic updates via the web interface. Well, we are going to use a simple workaround, then!

Go to /etc/ppp and edit the ip-up script.

At the end of the script add the following line

/usr/bin/curl -k -u username:password https://updates.opendns.com/nic/update?hostname=label

Replace username with your OpenDNS username and password with your OpenDNS password. For label use the speaking name you've configured as your network name in OpenDNS Dashboard.

image

Save the script. Make sure your OpenWrt installation can access curl. Type curl at the shell prompt. OpenWrt should return a curl: try 'curl --help' for more information message. In case curl is not available, type ipkg install curl to install it.

Change name servers assigned via DHCP

Clients using your router get their local IP address along with their DNS entries from your router through its DHCP service. In a default configuration the router simply assigns its own address as the DNS address to DHCP clients. Your local PC's DNS servers will very likely point to something like 192.168.1.1. OpenDNS demands that all of your client PCs use the OpenDNS name servers directly. So the last step is to configure your router so that it assigns the OpenDNS name servers to its DHCP clients.

Change into the /etc directory and edit the dnsmasq.conf file.

The last line in that file allows to activate custom name server addresses for DHCP clients. Uncomment the last line and change it accordingly.

image

(Note: I've configured my router to assign 208.67.222.222 (OpenDNS name server 1) as the first DNS server address and 192.168.1.2 (my router's own IP address) to its DHCP clients. The second address (192.168.1.2) might vary in your setup.)

Reboot everything

The last thing to do is to reboot everything. Start with your router. Go ahead with all PCs connected to your router.

That's it! You're done.

Cross-checks

You might want to do a couple of quick checks to verify that everything went fine:

1. Visit http://www.opendns.com. In the upper left corner OpenDNS should indicate your current external IP address. Make sure it is current. If it not the curl command did not get executed correctly. Check the steps above.

2. If you're on a Windows machine, open a Command Prompt and submit ipconfig -all. Check that for your active interface DNS Servers contains the OpenDNS name server (208.67.222.222).

Steps from here

Now that you've setup everything you might want to activate statistics for the network and add custom messages.

image

image

OpenDNS needs some time to collect statistics. It took some 30 minutes for me, so don't worry in case stats are not available right after set up.

 

Hope this helps!

Ralf

 

comments
Ben stated:
# re: OpenDNS on OpenWRT (with my Linksys router)
Excellent, thanks so much for this! I was trying to find out how to have White Russian dynamically update my ip address and this saved me a lot of time. Great walkthrough.
posted on 6/21/2008 7:21 AM
Ralf stated:
# re: OpenDNS on OpenWRT (with my Linksys router)
Ben, great that it did help. Thanks for visiting!
posted on 6/21/2008 9:55 AM
make money online stated:
# make money online
Finally, I found a site that I can depend on for good content. THanks!
posted on 6/30/2008 12:31 AM
sirjaymz stated:
# re: OpenDNS on OpenWRT (with my Linksys router)
This is great! A MUST for ALL parents in todays internet society. Awesome walkthrough!
Those that are running this are protecting their children.
posted on 7/2/2008 8:41 PM
SafeSurf stated:
# re: OpenDNS on OpenWRT (with my Linksys router)
You can also use hotplug to update your DDNS. I have written some instructions on how to do this with PacketProtector, which is based on openwrt/x-wrt. It should work on other openwrt-based projects if you remove the export instruction and the /packetprotector directory. Or just use http://packetprotector.org !

http://packetprotector.org/forum/viewtopic.php?pid=6081#p6081
posted on 7/2/2008 10:23 PM
zaratustra stated:
# re: OpenDNS on OpenWRT (with my Linksys router)
Hey, but where in the hell do you setup parental control? On the OpenDNS webui? Which means, no account, no parental control?
posted on 9/7/2008 10:14 AM
post your comment
Title *
Name *
Email
Url
Comment *  
Please add 3 and 6 and type the answer here: