Find the answer to your Linux question:
Results 1 to 5 of 5

Thread: which is better

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    which is better

    i have two questions to ask

    1) i am using dsl
    the router dns is 10.x.x.x
    isp dns is 203.x.x.x

    for masquareding client need dns entry
    now tell me which entry is better
    for router dns entry or isp dns entry .

    mean which provide better speed

    from my point of view isp dns is better because router dns first convert 10.x.x.x to 203.x.x.x and then send dns query to isp. am i right ?

    2) i want to to accept some mac addres from my clients on input chain as

    iptables - A INPUT -m mac --mac-source x.x.x.x.x -j Accept
    ---------------------------- ----

    now i want to drop all others clients mac how can i do that

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Nottingham, England
    You should leave your ISP IP-assigned for your router to use, and use private-range IP addreses for all the machines in the lan. Either set up DNS for your lan, or assign ip/name translations through your /etc/hosts file on each machine.
    Linux user #126863 - see

  3. #3
    Linux Engineer
    Join Date
    Apr 2005
    I don't think the speed of your connection depends on your IP.

    As for the router, the router has an internal IP (mostly 192.x.x.x) and an external one (the 203.x.x.x it will get from your ISP). They are not related in any way. Your router will check every incoming packet anyway, everything has to pass through the router...

    As for accepting traffic from peer computers on the LAN, just filter on their internal IP (192.x.x.x). No need to do that on the MAC address; unless your config changes every single minute, the DHCP server will give every connected PC always the same internal IP. I have two PC's on my LAN, and they always get the same IP; even if there 'alone' on the network. Your pc will ask for the same IP if possible, and he will get it if the DHCP hasn't already given it out.

    Edit: You can filter on the MAC addresses and drop all the other clients - just set your default policy to 'deny all'; then you explicitly have to specify what to accept though.
    Debian Jessie x86_64 & armhf :: LibreELEC is the solution for your Linux-based HTPC setups.

  4. $spacer_open
  5. #4
    dear borrowmini you didnot understand what i want to say

    i said dns resolving . if i said it mean request will go first to router then router will change this dns to isp real dns server like 203.x.x.x
    and then forward this request
    but if i use isp dns then router just forward this request to isp dns mean router is not busy to change router dns to isp dns

    here is the full story

    i am using squid for port 80 requests and gateway for other requests
    now for gatway we need every machine with dns . i have two dns one for router that is and other is 203.x.x.x ( isp dns ).my /etc/resolve is showing dns which is router dns.

    so i am little bit confuse which is better dns ???

  6. #5
    Linux Guru loft306's Avatar
    Join Date
    Oct 2003
    The DairyLand
    the router will have a caching dns server in it and they seem to be the quickest
    stay away from isp's dns servers if you can they are notorious for going down and being slow
    ~Mike ~~~ Forum Rules
    Testing? What's that? If it compiles, it is good, if it boots up, it is perfect. ~ Linus Torvalds

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts