AmpliFi DNS server strips RFC1918 results in replies to clients


  • The new dns bypass setting is working great. Thanks 🙂


  • This is a nice feature but I think it would be better if you could just specify the DHCP clients DNS settings.

    Typically what I do is run PiHole and I normally would point it at the router, the router I would point to Google and the client I point to the PiHole.

    Doing this allows PiHole to easily build local lan lists and seems to be pretty seamless.


  • FYI: Looks like the DNS cache bypass was in the 2.6.1 firmware release I got today. I can now get my internal DNS servers via DHCP. I just wish they would leave all the settings in the app where it can be easily found and set instead of having to https into the router to enable that setting.


  • @jason-foy As I have understood, the items they are testing are in the router, the things that are final are in the app.


  • @hanz-shcaerp Sorry about that. I didn't catch the response here. The new setting worked for me and addressed the issue I had.


  • The DNS bypass setting is not working for us. Maybe because we use the static connection type.

    How to solve this issue?


  • ✅ A DNS query which resolves to an address outside the network is working

    $ nslookup 100.0.1.4.xip.io 10.0.1.1
    Server:		10.0.1.1
    Address:	10.0.1.1#53
    
    Non-authoritative answer:
    Name:	100.0.1.4.xip.io
    Address: 100.0.1.4
    

    ❌ A DNS query which resolves to an address inside the network is NOT working

    $ nslookup 10.0.1.4.xip.io 10.0.1.1
    Server:		10.0.1.1
    Address:	10.0.1.1#53
    
    Non-authoritative answer:
    *** Can't find 10.0.1.4.xip.io: No answer
    

    ✅ Cloudflare DNS is working

    $ nslookup 10.0.1.4.xip.io 1.1.1.1
    Server:		1.1.1.1
    Address:	1.1.1.1#53
    
    Non-authoritative answer:
    Name:	10.0.1.4.xip.io
    Address: 10.0.1.4
    

    ✅ Google DNS is working

    $ nslookup 10.0.1.4.xip.io 8.8.8.8
    Server:		8.8.8.8
    Address:	8.8.8.8#53
    
    Non-authoritative answer:
    Name:	10.0.1.4.xip.io
    Address: 10.0.1.4
    

Log in to reply