Need additional NS-es in /etc/resolv.conf (fix included)

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Can't add easily my custom NS-es (IPv6 and google ones) to /etc/resolv.conf

What is the expected output? What do you see instead?
I need few additional NS-es to provider ones in /etc/resolv.conf 
(/tmp/resolv.conf) but there is no way to configure them through web interface 
and the file is rewritten on connection up. Only /usr/local/sbin/post-firewall 
hack with killall -HUP dnsmasq works, which adds unneeded killall.

What version of the product are you using?
RT-N16-1.9.2.7-rtn-r5066.trx

Please describe the problem as detailed as it's possible.
If you have connection problem, then syslog file is required. (please do
attach it as a file)
I suggest sourcing /usr/local/etc/resolv.conf in rc/nerwork.c 
update_resolvconf() function, i.e. add one line there:
fappend("/usr/local/etc/resolv.conf", fp);

Original issue reported on code.google.com by ache...@gmail.com on 25 Sep 2013 at 6:18

[GoogleCodeExporter]

it's possible to configure up to 2 static ipv4 & up to 3 static ipv6 upstream 
dns via web ui, why don't you use it? playing with resolv.conf is considered as 
possibly harmful, for vpn connections, at least.

Original comment by themiron.ru on 28 Sep 2013 at 3:54

[GoogleCodeExporter]

>it's possible to configure up to 2 static ipv4
I need to keep 2 provider NSes present, not override them.

>up to 3 static ipv6 upstream dns
Where you count 3 ones? What I have in the web ui, is only 1:

WAN DNSv6 Setting
Get DNS Server automatically?   YesNo
DNSv6 Server1:

Moreover, it have problems when setting to anything but blank. When it is 
non-blank it announced both via DHCPv6 and via radvd, not only added to 
resolv.conf. But I want the router to announce its own address only, passing 
all name resolving to dnsmasq. Well, it is possible by setting 'DNSv6 Server1' 
field blank, but there is no NS to add to resolv.conf that way.

>playing with resolv.conf is considered as possibly harmful, for vpn 
connections, at least.
People who able to make /usr/local/etc/resolv.conf usually knows what is 
harmful for them, if not - it is their fault.

Original comment by ache...@gmail.com on 28 Sep 2013 at 4:10

[GoogleCodeExporter]

ok, seems you're using outdated firmware release.
if you need more reliable IPv6 configuration, use night buids from 
http://asus.vectormm.net/rtn/

> People who able to make /usr/local/etc/resolv.conf usually knows what is 
harmful for them,
in practice, they doesn't
anyway, use /usr/local/etc/dnsmasq.conf to set any count of additional dns/dhcp 
options including additions dns servers:
server=ns1
server=ns2...

Original comment by themiron.ru on 30 Sep 2013 at 7:21

• Changed state: Done
• Added labels: Type-Support, Priority-Low
• Removed labels: Type-Defect, Priority-Medium

[GoogleCodeExporter]

>use /usr/local/etc/dnsmasq.conf to set any count of additional dns/dhcp 
options >including additions dns servers:
>server=ns1
>server=ns2...
That way as is helps outside of the router, but not helps for programs running 
inside of it. To use dnsmasq as resolver inside of the router too 
/etc/resolv.conf must be not a link to /tmp/resolv.conf with provider's NSes, 
but be something like:
nameserver 127.0.0.1
nameserver ::1
or simple not exist at all (local resolver used by default). Solved by
rm -f /etc/resolv.conf
in /usr/local/sbin/post-boot
BTW, why you ever create /etc/resolv.conf link having dnsmasq on the board?

Original comment by ache...@gmail.com on 30 Sep 2013 at 5:17

[GoogleCodeExporter]

dnsmasq is caching nameserver, and could happed it's not running.
so, using 127.0.0.1 is rly bad general idea, fw contains no internal software 
that need to use DNS servers outside ISP/local ones.

> /usr/local/sbin/post-boot
every DHCP/VPN DNS update changes /tmp/resolv.conf, so post-boot is bad idea 
too, I'd suggest /usr/local/sbin/post-firewall istead

> why you ever create /etc/resolv.conf
legacy reasons, ability to have router local resolv different from dnsmasq's 
one.

Original comment by themiron.ru on 3 Oct 2013 at 4:35