Disable DNS rebind protection
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hi - I installed a new 3-pack of X60's in our home today. It was challenging and frustrating for various reasons, and is only partially working now.
One particular issue does seriously concern me. In the phone app (Android) under Advanced/LAN IP, my main Deco is correctly configured as 192.168.0.1, but has Subnet Mask of 255.255.252.0. That's a very large range for a home network, and is causing some problems. I tried to change Subnet Mask to 255.255.255.0, but the app refused to accept the change.
This seems to be because I use a PiHole DNS server on Raspberry Pi, with static IP 192.168.0.93. The Pi-Hole FAQ's say that some routers permit DNS rebind protection to be disabled, and some don't....
I can't see any option in the Deco app to disable DNS rebind protection, so my only choice seems to be to disable DCHP altogether and let the Pi-Hole provide that service.
The problems this is causing relate to crazy dynamic IP allocations. My Deco system's DHCP is set to allocate 192.168.0.50 - 192.168.0.250, but one of our home devices (Amazon Fire TV) has received an IP of 192.168.49.1. This places it outside the range of my normal LAN management, and makes SMB streaming very difficult.
What I need is either -
- A way to disable DNS rebind protection on the main Deco or...
- To prevent the main Deco from assigning dynamic IP's outside the range I defined.
I will not accept the Deco system overiding my settings like this, the whole package will be returned for refund if this can't be rectified. Sorry if that sounds tetchy, but I've been working on this for 14hrs now and it's a little frustrating. I understand it's designed to be a simple, accessible system, but when I define a range of 200 IP addresses for DHCP, the system should not ignore my wishes and assign addresses outside that range. That's just bad design.
Thanks in advance for any suggestions - I'm happy with the mesh wifi aspect and hope to find a solution for this.
Steve
Thanks for the quick reply, David.
Firstly, I think you're right about the Amazon Fire TV. Googling some more suggests that 192.168.49.1 is a static address generated within the Fire TV, related to a WiFi Direct function. Also this behaviour occurs on many (all?) Fire TV's regardless of the local network, so even if your LAN is completely different the Fire TV will still assert a secondary 192.168.49.1 IP. I checked the Fire TV again this morning, and the external LAN IP is 192.168.0.199, ie within the range I designated for DHCP.
That reassures me about the Deco's DHCP function, and I'm not likely to waste more time transferring the DHCP service to the Pi-Hole. I don't like the forced 255.255.252.0 subnet, but it doesn't seem to be causing any harm at present. In reply to your question, the Pi-Hole offers a pretty capable DHCP service, presumably because DNS rebind causes big problems for some users. I can't post urls, but the FAQ screenshot in my original post has a lot more information about this.
Thanks again for helpful reply.
Steve
PS - some of the filtering rules on this forum are a bit excessive. When I wrote this IP as an example of another LAN range....
The forum refused to accept submission.....
