default local DNS caching name server

Andrew Lutomirski luto at mit.edu
Mon Apr 14 16:25:16 UTC 2014 

On Mon, Apr 14, 2014 at 9:06 AM, Dan Williams <dcbw at redhat.com> wrote:
> On Mon, 2014-04-14 at 12:00 -0400, Paul Wouters wrote:
>> On Mon, 14 Apr 2014, Dan Williams wrote:
>>
>> > But another scenario I've seen:  older Netgear routers which intercept
>> > "www.routerlogin.net" as the setup page.  The instructions literally
>> > are:
>> >
>> > 1) connect your computer to the router with a cable
>> > 2) go to www.routerlogin.net
>> > 3) follow the setup guide instructions
>> >
>> > Any idea how dnssec-trigger + unbound would handle this?  Since it's
>> > router setup, maybe spawning the whole new window for the "portal" would
>> > work, but you'd want to make sure the window didn't go away or DNS
>> > didn't change until the user was done setting up the router.
>>
>> I don't know what they do when you query for anything else. If there is
>> no hotspot redirection on port 80/443 and their DNS server works
>> properly, and your wifi was secure, you would then get their forward
>> and the above would work. If it is an open wifi, we would not install
>
> Since the user is setting things up, they can pick whether it's open or
> protected wifi.  We don't control that.
>
>> the forward and you would not get there. but in the current setup, you
>> can pick "hotspot login" mode and it puts their DNS in place, and than
>> you will reach it. Note that manual hotspot login sessions require you
>
> Ok, that could be a problem.  This is a user setting up wifi on a router
> they just bought, so it has no upstream connection yet, is not yet
> configured at all, and they are just following the directions in the
> printed brochure they got with the router.  Which obviously won't say
> anything about "hotspot login" mode.
>
> Also, this is the procedure you follow if you reset the router to
> factory defaults, which support people sometimes tell you to do.  So
> we'd run into the issue if/when the user contacted Netgear technical
> support too.

If you want to get really fancy, you could try to detect a state in
which there is no connection to the internet, the router has an
address 192.168.*.1, and the router is listening on TCP port 80, and
suggest an alternate "you are connected to a possibly unconfigured
router" mode.

--Andy

More information about the devel mailing list