I have a Windows 10 machine and I would like to have it use the open internet connection for most things and the AREDN mesh for AREDN. Windows is very chatty and is constantly communicating over the network. For some reason the DNS server on the open internet will resolve any address ending in .mesh to the address 23.221.222.250. .mesh is not a standard top level domain like .com and .net for example.
Windows seems to route the packets correctly to the proper device. I've set the open internet access as the top priority and the AREDN as secondary. When I do this the .mesh addresses get resolved incorrectly. I can reach the AREDN devices by using specific IP addresses. I think if I could stop the primary DNS from resolving the AREDN addresses incorrectly I could make this work.
I would rather avoid another device like an additional router or a Raspberry Pi.
Two questions: why are the .mesh addresses getting resolved by the public DNS and how should I configure my Windows 10 box to avoid using the AREDN network?
John
WB5HSI
Followup..... Feel kind of silly. In the past DNS was not so helpful and now invalid addresses get resolved into an error page complete with ads. Oh well. So now I know the answer to the "invalid" top level domain or any invalid URL.
It appears that your upstream Internet provider is intercepting invalid DNS queries. One thing you can do to stop that is to configure an external DNS server at either the router level or the client level. For example, Google's Public DNS servers are 8.8.8.8 and 8.8.4.4. Some Internet gateways (such as AT&T internet services) do not permit you to choose an external DNS server. In that case, you would set that manually in each network card's settings. In Windows, instead of the default, "Obtain DNS server address automatically", you would enter external DNS servers manually.
Are you using multiple networks on the same computer (one for your usual network and the other for AREDN)?
If you are using multiple networks and want all ".mesh" addresses to go to the AREDN network, you can prioritize the DNS queries by network.
Select the AREDN connection and open the Properties. (Incidentally, turn off IP6 for AREDN - it doesn't use IP6). Select, "Internet Protocol Version 4" and click Properties. Then click Advanced. Uncheck "Automatic Metric" and then enter ANY number into the Interface metric (i.e. 10).
---mark
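The settings described in the reply above, together with a check for the DNS interception it mentions, as an added PowerShell example that is not part of the original post. The adapter aliases `AREDN` and `Wi-Fi` are assumptions; the function name `Test-NxdomainRewrite` is made up for this example.

```powershell
# Added example. Run in an elevated PowerShell. Both aliases are assumptions:
# substitute the names shown by Get-NetAdapter on your machine.
$MeshAlias = 'AREDN'   # assumed alias of the adapter connected to the AREDN node
$LanAlias  = 'Wi-Fi'   # assumed alias of the internet-facing adapter

function Test-NxdomainRewrite {
    # Returns $true if $Server answers a random, non-existent .mesh name with an address.
    param([Parameter(Mandatory)][string]$Server)
    $probe = '{0}.mesh' -f ([guid]::NewGuid().ToString('N'))
    try {
        $answer = Resolve-DnsName -Name $probe -Server $Server -Type A -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Section -eq 'Answer' }
        return [bool]$answer
    } catch {
        return $false   # NXDOMAIN, refusal or timeout: no rewritten answer seen
    }
}

# Check the resolvers the internet adapter uses now, plus Google Public DNS.
# $true for 8.8.8.8 means answers are being altered on the path to the resolver,
# so changing the configured DNS server alone will not stop it.
$current = (Get-DnsClientServerAddress -InterfaceAlias $LanAlias -AddressFamily IPv4).ServerAddresses
foreach ($server in (@($current) + '8.8.8.8' | Select-Object -Unique)) {
    [pscustomobject]@{
        Resolver         = $server
        RewritesNxdomain = Test-NxdomainRewrite -Server $server
    }
}

# Turn off IPv6 on the AREDN adapter and give it a fixed IPv4 interface metric.
Disable-NetAdapterBinding -Name $MeshAlias -ComponentID ms_tcpip6
Set-NetIPInterface -InterfaceAlias $MeshAlias -AddressFamily IPv4 `
    -AutomaticMetric Disabled -InterfaceMetric 10

# Enter external DNS servers manually on the internet-facing adapter.
Set-DnsClientServerAddress -InterfaceAlias $LanAlias -ServerAddresses '8.8.8.8', '8.8.4.4'

# Confirm the resulting metrics and DNS servers per interface.
Get-NetIPInterface -AddressFamily IPv4 | Sort-Object InterfaceMetric |
    Format-Table InterfaceAlias, InterfaceMetric, AutomaticMetric
Get-DnsClientServerAddress -AddressFamily IPv4 | Format-Table InterfaceAlias, ServerAddresses
```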
Thanks for your reply. Yes I am running Windows 10 and have a wireless connection to the open internet via my local network and a dongle with a microuter GL-USB-150 plugged into one of the USB ports. I set the Interface metric for the AREDN port to 2 and the WiFi port to 1. If I disconnect the WiFi or give it a bogus DNS server address it will timeout and resolve the local address. I tried a number of DNS servers including Google, OpenDNS and Cloudflare and got the same result. It returns an IP address, but not the one I was expecting. If I ping wb5hsi-nsm2.local.mesh I get 23.202.231.169. This resolves to an empty page. I don't understand that behavior. I was expecting to get an "error" page. If I type wb5hsi-nsm2.local.mesh into the browser with the wifi active and working I get an error page. Seems like I should be able to "trap" the .mesh top level domain and send it to the AREDN node.
While it's clearly bad form to clutter up the AREDN network with Windows requests, what I really want to do is ensure that only relevant information goes out over AREDN, particularly in an emergency situation. So I want to discipline my Windows box to restrict requests to certain things. Obviously other devices on the AREDN network and things like WinLink.
Thanks in advance for the education!
73's
WB5HSI
For MESH access, you're gonna need a tunnel or direct RF with another node nearby on the same SSID. Have you set either of those up?
The "pi hole" local DNS setup works extremely well and you can point your router and/or your LAN devices to it instead of using BigTech, local spying ISPs etc for DNS: https://pi-hole.net/
Works well for me at several installs. Only issue is when you're running some advanced features with VPN services like ProtonVPN, but that's another story.
PiHole runs on almost any recent Pi, no need to get the biggest/latest/$$$ model.
HTH,
- Don - AA7AU