
Feature request: Custom DNS setup for guest profile
I would like to make a feature request. Please add the option to set up a guest network with custom DNS setup.
This is badly missed. For instance, I need to block Google DNS and Open DNS on router level. This breaks the guest network functionality, as these DNS servers for some reason or other are required by the Eero to provide Internet access to clients. When Google's DNS servers are blocked, the Eero guest network only offers (isolated) local connections.
Thank you!
-
Why do you need to block Google DNS and OpenDNS?
Eero, like all routers, need external DNS servers so that they can connect to the internet and other networks outside your private network in your home/office. If you block those external DNS servers (Google, OpenDNS, etc), you will lose all connectivity to the internet.
I don't know if DNS can be done just on the guest network or not. Most routers don't have that kind of functionality.
-
There are many reasons for blocking these dns servers. One is privacy. Another is security guidelines from an employer. A third is the need to prevent rogue applications from sending hidden data back home to try and bypass application policies. There are probably many more. A fourth, which comes in handy on a guest network, is the ability to set up a personal dns server to have more control over what kind of traffic is permitted on my guest network.
Google and OpenDNS are not the only DNS providers on the planet. Since the functionality to bypass the DNS servers I use are obviously present (since Google'sDNS server address is written into the guest functionality, my main/home network functions perfectly even when these servers are blocked on router level), I struggle to understand why this is difficult to implement, since all it would take is for the user to be able to (a) replace 8.8.8.8/8.8.4.4 with another ip address, and (b) make that functionality available in the app. Perhaps there's just stuff I don't understand?
-
With my eero I have the issue that it actually provides the same nameserver like the main network, even though the private network has an internal nameserver which handles local services. The guest network should use open dns / umbrella nameserves but I cant seem to define that separately for the guest network. This is problematic, because the guest network has no access to the internal nameserver of the private network and therefor guest cannot access anything at the moment, because the dns is not answering.
Is there any way to circumvent this?
-
I concur with the request to customize DNS for the Guest network. We have a 5 eero set-up at our church, and I came very close to returning the eeros when I realized that we lose the OpenDNS logging and protection for the guest network. I have OpenDNS configured to block inappropriate and malicious content, and that's extremely appropriate to have on our guest network as well as the primary internal network.
-
Use case:
Main network: Use a DNS provider such as Google, CloudFlare, whatever.
Secondary network: Use a paid DNS provider with parental controls so I can block the 300 or so web comics sites my child is addicted to. Notice that this requires a custom blacklist because it is not covered by the various categories that paid parental control DNS typically offers.
Or you could reverse the scenario. The need for the uncontrolled network is to make it easy to inspect a site so that it can be re-allowed on the parental controls site.
Incidentally, this would be an interesting feature for the Eero itself.