Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Stopping Open DNS - ZyXEL P660R-C: Difference between revisions

From AAISP Support Site
Content deleted Content added
AA-Andrew (talk | contribs)
mNo edit summary
AA-Andrew (talk | contribs)
Line 5: Line 5:
This is an older router, and it's a bit more tricky to disable WAN side DNS lookups.
This is an older router, and it's a bit more tricky to disable WAN side DNS lookups.


We would suggest that you purchase a new router from, the P660R-D1 is available from [http://aa.net.uk/broadband-accessories.html AAISP].
'''We would suggest that you purchase a new router from, the P660R-D1 is available from [http://aa.net.uk/broadband-accessories.html AAISP]. '''


This will need a filter added, via the telnet interface. AAISP have seen routers needing to be factory reset and re-configured before adding this rule. Generally, AAISP would suggest replacing this router, with a ZyXEL P660R-D1 or a Technicolor.
This will need a filter added, via the telnet interface. AAISP have seen routers needing to be factory reset and re-configured before adding this rule. Generally, AAISP would suggest replacing this router, with a ZyXEL P660R-D1 or a Technicolor.

Revision as of 14:52, 30 September 2013

660R-61C

This is an older router, and it's a bit more tricky to disable WAN side DNS lookups.

We would suggest that you purchase a new router from, the P660R-D1 is available from AAISP.

This will need a filter added, via the telnet interface. AAISP have seen routers needing to be factory reset and re-configured before adding this rule. Generally, AAISP would suggest replacing this router, with a ZyXEL P660R-D1 or a Technicolor.

Add two filters, one to block DNS to your WAN IP address, and the other to your LAN Address:

1 Y IP Pr=0, SA=0.0.0.0, DA=[YOUR WAN ADDRESS], DP=53 N D N
1 Y IP Pr=0, SA=0.0.0.0, DA=[YOUR LAN ADDRESS], DP=53 N D F

ie:

eg, create a new filter set with the following information:

Filter #: 6,1
Filter Type= TCP/IP Filter Rule
Active= Yes
IP Protocol= 0 IP Source Route= No
Destination: IP Addr= [YOUR WAN ADDRESS]
IP Mask= 255.255.255.255
Port #= 53
Port # Comp= Equal
Source: IP Addr= 0.0.0.0
IP Mask= 0.0.0.0
Port #=
Port # Comp= None
TCP Estab= N/A
More= No Log= None
Action Matched= Drop
Action Not Matched= Check Next Rule

Add a second filter in the set that uses Destination: IP Addr as the LAN address of your router, and set the Action Not Matched to Forward.

Then add the filter number to the Remote Node (Menu 11, then edit filter set, AAISP Node, then go to Edit Filter Sets and change it to Yes. Pressing Enter will then take you to a screen where you can enter in the Filter rule number you created.)

The router will restart, but may need a powercycle.