cat /etc/resolv.conf shows different DNS than what's in router

I have my router (dd-wrt) configured to have three DNS addresses (two from my isp and one from google), but when I try to check what DNS my computer’s using, it gives the router’s address (this is fine), the google address (this is fine) and then some other address that’s not in my router. I think it might be owned by my ISP, but am not 100% certain, and they’re being no help on this. Anyone know why this occurs and how to check if this is a correct/safe occurrence?

If you want to know what’s in your dd-wrt, you’re probably going to have to login and check (and any further questions directed to a dd-wrt forum).

As for what the router is handing your client machine (and assuming DHCP), then you’ll have to again start with your router’s configuration. Note that unless your router is managed by your ISP, you should have full view and control over what your router is handing your client machine.

IMO,
TS

Thanks for the reply and help. :slight_smile:

I think you misunderstood me a bit though. I know what’s in my router’s config. It’s the google DNS (8.8.8.8) and the two addresses for my ISP’s DNS. These are set under “static DNS 1, 2, 3”. And yes, I’m using DHCP.

On 2012-02-17 20:56, 6tr6tr wrote:

> I think you misunderstood me a bit though. I know what’s in my router’s
> config. It’s the google DNS (8.8.8.8) and the two addresses for my ISP’s
> DNS. These are set under “static DNS 1, 2, 3”. And yes, I’m using DHCP.

My guess is that the router is telling your machine the DNS you actually
get. You could try wireshark and find out.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

On 02/17/2012 02:13 PM, Carlos E. R. wrote:
> On 2012-02-17 20:56, 6tr6tr wrote:
>
>> I think you misunderstood me a bit though. I know what’s in my router’s
>> config. It’s the google DNS (8.8.8.8) and the two addresses for my ISP’s
>> DNS. These are set under “static DNS 1, 2, 3”. And yes, I’m using DHCP.
>
> My guess is that the router is telling your machine the DNS you actually
> get. You could try wireshark and find out.

To find out who owns the unknown name server, run the command

nslookup <IP_address>

That will tell you what domain it belongs to.

IMO you still need to take a look at how your router is configured.

Typically, your router should not be handing your clients any other addresses but itself, the dd-wrt should forward any DNS requests to any configured forwarders.

If your DHCP is handing more DNS to the client machines than just itself… Well, it’s possible but probably inadvisable. If the DNS service in your router isn’t working, more than likely the router itself is malfunctioning in general which would mean your entire Internet connection is down and unavailable to query remote DNS.

Yes, you <can> hand multiple DNS to your clients, I’m just saying it’s more often inadvisable than not (of course there can always be exceptional reasons).

IMO,
TS