OpenWRT DNS Forwarding with Unblock-us for Hulu/Netflix access


You can unlock Netflix and Hulu in Australia (and other countries) by using a VPN or a DNS proxy such as Unblock-us. I use the latter as it's simpler to setup and faster. The simplest way to get it working is to just sign-up for an Unblock-us account and follow their instructions to set their custom DNS servers in your router, so most of your devices (laptops, tablets, etc.) will have access to Netflix/Hulu without any other configuration required.

Issue with this is, I don't want all my traffic being routed through these custom DNS servers. With OpenWRT (and other open-source firmware such as DD-WRT, Tomatoe, etc), it's possible to achieve this through DNS forwarding rules that will only use the Unblock-us DNS servers for the domains you specify (namely, hulu.com, netflix.com, etc).

For OpenWRT, ssh as root into the router, and edit /etc/config/dhcp. Mine looks like this:

###################################################
config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        list server '/netflix.com/111.118.175.56'
        list server '/netflix.com/118.127.33.48'
        list server '/hulu.com/118.127.33.48'
        list server '/hulu.com/111.118.175.56'
        list server '/s.hulu.com/118.127.33.48'
        list server '/s.hulu.com/111.118.175.56'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '30d'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'
###################################################

The important stuff is the list server '/domain.com/unlock-us-dns-ip' lines in the dnsmasq section. 

If you want Chromecast devices to work too, you'll need to forward 8.8.8.8 and 8.8.4.4 to the Unblock-us DNS IPs (since Chromecast has the Google DNS servers hard-coded and can't be changed). This can be done through custom firewall rules. On my OpenWRT config, these are located in /etc/firewall.user, which looks like this:

iptables -t nat -I PREROUTING 1 -d 8.8.8.8 -j DNAT --to-destination 111.118.175.56
iptables -t nat -I PREROUTING 2 -d 8.8.4.4 -j DNAT --to-destination 118.127.33.48


Comments

Popular posts from this blog

Wkhtmltopdf font and sizing issues

Import Google Contacts to Nokia PC Suite

Can't delete last blank page from Word