OpenWRT uses DNSMASQ as a DNS forwarder to an upstream DNS. Turris OS instead uses an open source solution developed in-house, the Knot Resolver. For the administrator of a Turris Omnia router who works in the LuCI web interface, this results in a constraint: the LuCI interface of OpenWRT cannot be used for anything related to DNS settings. Only reForis (and the command line) should be used for configuring DNS.
This choice of KNOT over DNSMASQ has at least two practical consequences for the administrator:
DHCP-Options field. Most often, this address will be the Turris Omnia's address in the interface's own subnet.
There is one more thing to know. If the administrator resets the DNS service listening port to 53 in the LuCI web interface (DHCP and DNS screen > Advanced Settings tab > DNS server port field), this is the only change to DNS settings that will have a major effect. Turris OS then silently disables KNOT and re-enables DNSMASQ instead. For the administrator, this has several practical consequences:
In a nutshell, the proper way to handle DNS configuration on the Turris Omnia is as follows:
If for some reason KNOT has been deactivated and DNSMASQ has taken over its role as a DNS forwarder, it is possible to roll back from the command line:
uci set dhcp.@dnsmasq[0].port='0'
uci commit
/etc/init.d/dnsmasq restart
/etc/init.d/resolver restart
The actual resolver in use can be checked with the following command:
netstat -ulpn
The output should contain a line with the local address “0.0.0.0:53” (port 53), followed by the KNOT service name “kresd” (for Knot Resolver Daemon).
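Because the switch from KNOT to DNSMASQ happens silently, the check above can be scripted. The following is an added example, not part of the original page or of Turris OS: it reads netstat -ulpn output and reports which daemon owns UDP port 53. The function names and the sample outputs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report which daemon owns UDP port 53, from `netstat -ulpn` output.

# Constructed sample output (not captured from a real router): Knot Resolver active.
SAMPLE_KNOT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:53              0.0.0.0:*                           2301/kresd
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1780/avahi-daemon
udp        0      0 :::53                   :::*                                2301/kresd'

# Constructed sample: dnsmasq has taken over port 53.
SAMPLE_DNSMASQ='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:53              0.0.0.0:*                           4102/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           4102/dnsmasq'

# Print each distinct program bound to UDP port 53 (reads netstat output on stdin).
dns_listeners() {
    awk '$1 ~ /^udp/ && $4 ~ /:53$/ {
        # Last column is "PID/Program name"; it is "-" when run without root.
        n = split($NF, part, "/")
        name = (n == 2) ? part[2] : "unknown"
        if (!(name in seen)) { seen[name] = 1; print name }
    }'
}

# Print one word: knot, dnsmasq, mixed, other or none.
resolver_state() {
    k=0; d=0; o=0
    for name in $(dns_listeners); do
        case "$name" in
            kresd)   k=1 ;;
            dnsmasq) d=1 ;;
            *)       o=1 ;;
        esac
    done
    case "$k$d$o" in
        100) echo knot ;;
        010) echo dnsmasq ;;
        000) echo none ;;
        001) echo other ;;
        *)   echo mixed ;;
    esac
}

echo "sample 1: $(printf '%s\n' "$SAMPLE_KNOT" | resolver_state)"
echo "sample 2: $(printf '%s\n' "$SAMPLE_DNSMASQ" | resolver_state)"
# On the router itself (as root): netstat -ulpn | resolver_state
```

A result of "dnsmasq" or "mixed" indicates that the rollback commands above are needed; "other" also covers the case where netstat was run without root and shows no program name.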