Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Configuring the Centurylink-sold Technicolor C2100T DSL modem to use real DNS

Configuring the Centurylink-sold Technicolor C2100T DSL modem to use real DNS

Here's how to get real DNS set up on a Technicolor C2100T modem. This works at minimum when you're doing PPPoE (the usual method) on a C2100T modem sold or rented to you by Centurylink.

Motivation

When you look up a nonexistent domain name, proper DNS service tells you it doesn't exist by returning Nonexistent Domain (NXDOMAIN).

In contrast, even on business lines, Centurylink's DNS service will snipe NXDOMAIN. Centurylink's servers (nameservers at 205.171.2.25 & 205.171.3.25 at least) return a Centurylink web server IP addresses when you should be getting NXDOMAIN.

This is done in order to serve advertisements to web browsers, under the pernicious guise of being "helpful" with "search". This breaks error detection by other applications than web browsers, since a false IP address is returned in place of NXDOMAIN.

This is a too-common practice among telcos seeking to monetize as much as they can, and damn the consequences to anyone else. It's worth getting real DNS to avoid this abuse and breakage.

Steps

Use the web GUI to make changes as follows for configuring real DNS servers.

  1. Log in to the web GUI on the Technicolor C2100T (typically http://192.168.0.1/) and select "Advanced Setup".

  2. Select "WAN Settings".

  3. If the "ISP Protocol" menu is set to "Auto Select" and the "Protocol Selected" is PPPoE, you can safely change the ISP Protocol pop-up menu to PPPoE. This will expose additional settings.

  4. In "4. Select the IPv4 DNS type", select "Static DNS". This will expose settings for modem and DHCP client "Primary DNS" & "Secondary DNS".

  5. Make a note of Centurylink's DNS server IPs for later, in case you have to put them back.

  6. Put your desired real DNS servers in the fields for primary and secondary

  7. Apply the changes

Addendum: Some recommendations for DNS servers

  • Use your own DNS caching recursive resolvers.

    • Typically, these won't report to others which domains you're interested in, beyond what is in the query sent to upstream and authoritative resolvers.
    • Query logging is done at your option, and placed where you wish it to be saved.
    • They can be configured to avoid disclosing the full domain being queried up to the roots and TLD resolvers (otherwise a privacy leak).
    • They can be configured using separate services to block malware domains.
  • Use Cloudflare's public service

Server IP Notes
1.0.0.1 Doesn't do query logging (Cloudflare is not an advertising company). Typically reachable. https://blog.cloudflare.com/announcing-1111/
1.1.1.1 Doesn't do query logging (Cloudflare is not an advertising company). Sometimes erroneously blocked upstream of you as an "example IP" by routers or by ISPs like Centurylink. https://blog.cloudflare.com/announcing-1111/
  • Use Cisco/OpenDNS's public service
Server IP Notes
208.67.220.220 Could track and monetize for Cisco which domains you're interested in (Cisco is not an advertising company). Provides some malware and content related domain blocking. https://www.opendns.com/
208.67.222.222 Could track and monetize for Cisco which domains you're interested in (Cisco is not an advertising company). Provides some malware and content related domain blocking. https://www.opendns.com/
  • Use Google's public service
Server IP Notes
8.8.4.4 Could track and monetize for Google which domains you're interested in (Google is an advertising company which keeps a dossier on you) but so far Google claims to not log beyond operational details. https://developers.google.com/speed/public-dns/
8.8.8.8 Could track and monetize for Google which domains you're interested in (Google is an advertising company which keeps a dossier on you) but so far Google claims to not log beyond operational details. https://developers.google.com/speed/public-dns/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment