ER605 new "LAN DNS" feature in 2.3.0 firmware

2025-05-21 08:08:28 - last edited 2025-05-21 08:17:41
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.3.0

hi all,

 

There is a new feature in the 2.3.0 firmware for the ER605 and I'm a little bit confused.

I have complained about the missing local DNS server for DHCP clients and I was happy to see "LAN DNS" in the release notes of the beta FW.

Unfortunately, it seems to be some static DNS server with each entry to be entered manually.

 

As I learned that Omada routers are OpenWRT based, I was hoping for a proper dnsmasq implementation, which would resolve all DHCP hosts on the network.

But this still did not work, even if "the OpenWrt uses dnsmasq and odhcpd to serve DNS/DHCP and DHCPv6 by default".

 

Am I wrong? Have I misunderstood something? What's the idea behind this "LAN DNS"? Because I don't see any benefit of it....

 

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
#1
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-05-21 15:25:22

  @ZoloNN 

 

In good network design, everything important, or that you would want to get to the web GUI of, is on a static address or a reservation, so what's the difference?

#2
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-05-22 09:12:08

Hi  @GRL 

 

All my servers (physical and virtual ones) and network devices are running on static addresses.

And there are several clients in two groups which are using DHCP: notebooks and IoT devices running Tasmota. I also use DHCP for rapid deployment of various systems using netboot.xyz. The reason behind using DHCP for clients is to be flexible for any changes and to be able to roam between sites. Making reservations for clients isn't best practice and is an unnecessary administrative overhead.

The notebooks can update their information in AD integrated DNS (which is the primary DNS on network), but the IoT devices aren't capable of this.

The reason behind local DNS is the ability to monitor the availability of devices which couldn't register themselves at the AD DNS.

 

Before switching to Omada I used Asus routers (the last one was an RT-AC66U_B1) based on OpenWRT, and there was a fully functional dnsmasq (which is, according to the OpenWRT docs, the default DHCP/local DNS solution) acting as local DNS.

 

Unfortunately the Omada ER605, even with the latest firmware, still can't do this simple (and default) task.

 

There are then 2 questions for TP-Link:

 - is the ER605 using dnsmasq for DHCP? (I assume: yes)

 - if yes, why is the DNS part of it disabled (not configured)?

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
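The link between DHCP and DNS that this post asks about is, in its simplest form, a translation of the DHCP lease table into DNS records. The example below is added here and is not Omada's or dnsmasq's own code: it parses a constructed file in the dnsmasq.leases line format (expiry epoch, MAC, IP, hostname, client-id) and renders the active, named leases as unbound `local-data` directives. The `.lan` domain and all addresses are made up for the example.

```python
import time

# Constructed sample in dnsmasq.leases format. Hostname "*" means the client sent
# none (common for IoT firmware); expiry 0 is how dnsmasq records an infinite lease.
SAMPLE_LEASES = """\
1800000000 aa:bb:cc:00:00:01 192.168.10.51 tasmota-plug-1 01:aa:bb:cc:00:00:01
1800000000 aa:bb:cc:00:00:02 192.168.10.52 Notebook-01 01:aa:bb:cc:00:00:02
1000000000 aa:bb:cc:00:00:03 192.168.10.53 old-device 01:aa:bb:cc:00:00:03
1800000000 aa:bb:cc:00:00:04 192.168.10.54 * 01:aa:bb:cc:00:00:04
0 aa:bb:cc:00:00:05 192.168.10.55 printer 01:aa:bb:cc:00:00:05
"""


def parse_leases(text, now=None):
    """Return the unexpired leases that carry a usable hostname."""
    now = time.time() if now is None else now
    active = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or empty line, skip it
        expiry, mac, ip, hostname = int(fields[0]), fields[1], fields[2], fields[3]
        if hostname == "*":
            continue  # nothing to publish without a name
        if expiry != 0 and expiry <= now:
            continue  # lease has expired, the address may be reused
        active.append({"ip": ip, "mac": mac, "hostname": hostname.lower()})
    return active


def unbound_local_data(leases, domain="lan"):
    """Render leases as unbound local-data / local-data-ptr directives (forward + reverse)."""
    lines = []
    for lease in leases:
        fqdn = f"{lease['hostname']}.{domain}."
        lines.append(f'local-data: "{fqdn} IN A {lease["ip"]}"')
        lines.append(f'local-data-ptr: "{lease["ip"]} {fqdn}"')
    return lines


if __name__ == "__main__":
    for directive in unbound_local_data(parse_leases(SAMPLE_LEASES, now=1500000000)):
        print(directive)
```

On a stock OpenWrt box dnsmasq does this internally (its DNS side answers for its own leases), so no such glue is needed there; the point here is only to show how small the missing piece is.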
#3
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-05-23 17:51:08 - last edited 2025-05-23 17:52:31

Regarding the LAN DNS feature... yes, it is disappointing that there still is no automatic device propagation, but at least we can define SOME local DNS rules ourselves now.

 

However, what I don't truly understand is how they could have missed the ability to use wildcard subdomains???

 

AND they limited the number of domains per definition to 7?????

 

Now I have to have and manage 4 different definitions.

 

#4
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-06-06 08:47:16 - last edited 2025-06-06 08:48:14

 

Finally local DNS!

 

I've just updated my device with 2.3.0.

 

However, I cannot find the LAN DNS option under Setting -> Wired & wireless networks -> Lan.

Am I doing something wrong?

 

 

I tried rebooting and clearing my cache. Did I miss something?

#5
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-06-06 09:41:21 - last edited 2025-06-06 09:41:49

Hi @p2baron,

 

Unfortunately this feature is static "DNS" stuff not connected to DHCP, and you have to enter the entries manually, which makes this feature absolutely useless.

If there were a link between DHCP and DNS, any lease reservation would have the same effect, just with consistency (if you use this feature in its current state, removing a device from the network requires deleting the device from two separate lists).

 

As I wrote in my previous post, my primary DNS on the network is an AD integrated DNS where all Windows machines can register. Unfortunately other devices aren't capable of this, for example mobile phones/tablets, IoT devices and non-domain-joined machines.

 

There is no possibility to get any real and accurate data about active devices on the network; the data shown in the controller GUI are inconsistent and not accessible. The data gathered via SNMP: the same story............

 

For DNS, unbound is apparently used, which is a validating, recursive, caching DNS resolver, which makes it ideal for business use over the dnsmasq used in home routers, which is a DHCP server with a forwarder-only DNS part needing an upstream DNS, usually the ISP's one.

 

For reference, look at this locked post.

 

This is my last post about this topic; let's see what the developer team will do in the future.

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
#6
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-06-06 10:49:29

  @ZoloNN 

 

Thanks for your reply.

Personally I'm happy with anything. Static DNS works for me.

 

My issue is that I cannot configure static DNS after the firmware upgrade... The option is missing...

I'll make a new post instead of hijacking this one..

#7
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
2025-06-06 11:42:29

  @p2baron 

 

Solved!

In my case I had to upgrade the controller to the latest beta firmware.

 

This is the version that I'm now running on my OC200 v2 Cloud Controller:

Firmware Version
1.35.5 Build 20250326 Rel.41966
#8
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
Tuesday - last edited Tuesday

  @pdu__ 

> However, what I don't truly understand, how they could've missed the ability of using wildcard subdomains ???

 

I just created a feature request to add wildcard DNS: https://community.tp-link.com/en/business/forum/topic/845536?page=1

#9
Re:ER605 new "LAN DNS" feature in 2.3.0 firmware
Wednesday

Hi @gautamkrishnar,

 

Just some notes on your request:

  • no larger network (SMB or enterprise) ever relies on DNS located on the router. They usually use an AD integrated DNS server as the primary DNS server
  • the whole DNS stuff on the Omada gateway is IMHO misconfigured
    • it uses dnsmasq for the DHCP server, but all address leases are private and not exposed anywhere (every stupid home router can do this)
      • what you can see in the Controller's Clients list is not what you'd expect: not all active DHCP clients are listed, and they're mixed with some hosts with static IPs...
    • it uses the unbound DNS server, but it is configured only to pass queries through to the upstream server. What isn't implemented, and IMHO should be:
      • integrate unbound with dnsmasq to allow DNS resolution of DHCP hosts on the network
      • allow the strongest feature of unbound: the recursive feature (usage of root hints) to bypass the ISP's DNS servers (or any other foreign upstream DNS servers which may track your queries)

 

I personally do not use the DNS feature of the Omada gateway, as the current configuration is IMHO not fit for any larger environment.

My DNS chain is the following:

  • AD integrated DNS - it resolves all static entries for servers, split-DNS entries and all Windows clients using DHCP (yes, they can register in DNS by themselves)
  • unknown queries are forwarded to piHole, which does the filtering, and
  • then non-blacklisted queries are forwarded to the unbound DNS server which resides on the piHole host

 

And I have found out that some people aren't familiar with recursive DNS operation, so I'll explain it quickly using the example of looking up tp-link.com:

  • the request arrives at unbound; unbound first looks in the cache and, if the entry is there, returns the answer immediately
  • if not, unbound asks one of the root servers a question: "hey, which DNS is responsible for the com TLD?"
    • root hints are 13 DNS servers at the top of the DNS hierarchy and contain information only about the DNS servers responsible for TLDs (Top Level Domains)
  • when the answer is returned, unbound asks the DNS server responsible for the com TLD: "hey, which DNS is responsible for the tp-link.com domain?"
  • when the answer is returned, unbound asks the final DNS server responsible for the tp-link.com domain: "hey, what is the "A" record for the tp-link.com host?"
  • the answer is stored in the cache and returned to the requestor

 

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
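The root -> TLD -> authoritative walk described in the post above, as an added example that is not part of the original thread and not unbound's code: a toy iterative resolver over a constructed three-server hierarchy, following NS referrals until it gets an A record and caching the result so the second lookup asks nobody. The server names mimic real ones but the data, including the 203.0.113.10 documentation address, is made up.

```python
# Constructed miniature of the DNS hierarchy. Each server holds either a referral
# ("NS", next server to ask) or the final answer ("A", address) for a zone.
SERVERS = {
    "a.root-servers.net": {"com.": ("NS", "a.gtld-servers.net")},
    "a.gtld-servers.net": {"tp-link.com.": ("NS", "ns1.tp-link.com")},
    "ns1.tp-link.com": {"tp-link.com.": ("A", "203.0.113.10")},  # documentation IP, not real
}
ROOT_HINTS = ["a.root-servers.net"]  # the resolver's only built-in starting point
MAX_HOPS = 8  # guard against referral loops in the toy data


def ask(server, qname):
    """Return the record the server holds for the longest matching suffix of qname, or None."""
    labels = qname.rstrip(".").split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:]) + "."
        if zone in SERVERS[server]:
            return SERVERS[server][zone]
    return None


class Resolver:
    def __init__(self):
        self.cache = {}  # qname -> address; the "look in the cache first" step

    def resolve(self, qname):
        """Resolve an A record iteratively. Returns (address or None, list of servers asked)."""
        qname = qname.rstrip(".").lower() + "."
        if qname in self.cache:
            return self.cache[qname], []  # cache hit: answered without any network round trip
        asked = []
        server = ROOT_HINTS[0]
        for _ in range(MAX_HOPS):
            asked.append(server)
            record = ask(server, qname)
            if record is None:
                return None, asked  # nobody on the path knows this name
            rtype, value = record
            if rtype == "A":
                self.cache[qname] = value  # remember the final answer
                return value, asked
            server = value  # referral: descend one level and ask the delegated server
        return None, asked


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("tp-link.com"))  # walks root -> com -> tp-link.com
    print(r.resolve("tp-link.com"))  # served from cache
```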