Using OpenDNS with BT Infinity for Business

I’ve got BT Infinity for Business as my home Internet connection. It comes with an incredibly annoying BT Business Hub 3.0. While there are a few things it does fairly well (e.g., granting me access to BTWifi throughout the UK), there are a number of things that irritate me. The main thing I’m going to write about here is overriding the DNS settings. Unlike every other telco-provided DSL/WiFi router that I have ever owned, the BT Business Hub (just like the BT Home Hub) does not allow you to specify which DNS servers you use. It assigns BT’s DNS servers. Now, I haven’t had any problems with BT’s servers, but I really love OpenDNS’s ability to screen out ads, malware, and undesirable content (e.g., porn, scams, etc.). BT doesn’t offer that, but they don’t let you change it, either. I finally figured out how to make it work.This solution isn’t for everyone. There are a bunch of people out there who know how to

hack the BT Home Hub routers. And they have varying degrees of success. If that works for you, don’t do it my way. I couldn’t hack my router, and I’m always a bit reluctant to do it anyways. If it stops working, I’m going to be really mad.

My Setup

I have a server on my network that is always running. It runs FreeBSD, which is a great unix operating system for servers. It occurred to me that I can make it give out IP addresses on the local WiFi by running ISC DHCPD. There are just a couple steps, really.

In my case, I use the usual local subnet (192.168.1.0) for the local systems, but I have a 5-address public subnet from BT. Let’s call that 128.32.45.8829. So my gateway is 128.32.45.94 and my server is 128.32.45.89. For all the random systems on the WiFi (e.g., iPhones, laptops, game systems, etc.) they need to have 192.168.1.254 as the default router, and 208.67.220.220 and 208.67.222.222 as the DNS servers.

1. Setup FreeBSD

I put a couple lines in my /etc/rc.conf file to set up an alias on the fxp0 interface (my hardwired ethernet):

ifconfig_fxp0="128.32.45.89 netmask 0xfffffff8"<br /> ifconfig_fxp0_alias0="192.168.1.1 netmask 0xffffff00"<br /> defaultrouter="128.32.45.94"

That gives my ethernet interface 2 IP addresses. One on the public Internet and one on the private LAN.

2. Install isc-dhcpd

Installing software in FreeBSD is really easy with the ports system. I simply ran:

sudo portupgrade -N isc-dhcpd42-server

And then I watched it build and install.

3. Configure isc-dhcpd

I put a few options in /usr/local/etc/dhcpd.conf.

option domain-name-servers 208.67.220.220, 208.67.222.222;
max-lease-time 14400;
# Need to tell dhcp clients which of my 2 IP addresses they should talk to.
server-identifier 192.168.1.1;
# Use this to enble / disable dynamic dns updates globally.
ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local5;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

shared-network "bt" {
  # This tells the dhcp server about the Internet addresses,
  # but tells it not to give out any IPs on it.
  subnet 128.32.45.88 netmask 255.255.255.248 {
  }

  # Anybody can get an IP address on this network.
  subnet 192.168.1.0 netmask 255.255.255.0 {
  option domain-name-servers 208.67.220.220, 208.67.222.222;
  option routers 192.168.1.254;
  default-lease-time 14400;
  max-lease-time 14400;
  pool {
       range 192.168.1.10 192.168.1.249;
       }
  }
}

Because I’m using aliases on my ethernet interface to get the two different IP addresses, that “shared-network” declaration around the two subnets is really important.

4. Configure FreeBSD to start dhcpd

You have to at least put dhcpd_enable="YES" into your /etc/rc.conf file.

Start up the DHCP server. Make sure it starts correctly.

5. Disable DHCP in the BT Business Hub

Click on:

  1. Settings (and enter your password)
  2. Advanced Settings (and click the advanced settings button)
  3. Business Network
  4. IP Addresses

There you will see an option labeled “DHCP Server” and you can choose “no” for “Enabled”. Then you click Apply.

At this point, if dhcpd is running correctly, all the DHCP leases will be given out by your server, not by your hub. In my case, many of my devices came to the DHCP server saying (effectively) “hey, I’m using IP address x.x.x.x, can I keep using it?” and my DHCP server said “yes” because there was no conflict. So most devices didn’t even change IP addresses.

Advantages

The advantages are obvious. You can set your DNS servers to anything you want. You can even integrate nicely with dynamic DNS services like DynDNS.

Disadvantages

You don’t have a nice graphical way to see the IP addresses assigned to different devices. If you go to the BT Hub Manager interface, it will look like nothing is connected to your hub. You can’t see their MAC addresses, IP addresses, names or anything. That’s kinda annoying. You can see it in ugly form in the /var/db/dhcpd/dhcpd.leases file.

The BT Home/Business Hub has an access control feature that will allow you to limit Internet access to specific devices at specific times of the day. Because your hub no longer has any idea what devices are out there, this feature doesn’t work any more. You can’t use it.

If you want some hosts to have IP addresses on the public Internet and others to get private IPs, you have to do all that in your DHCP config file. The nice little GUI that you had for the home hub doesn’t work any more. For me, I only have 5 IPs in the first place, and I’m not changing them around a lot. So this is kind of a one-time setup issue.