Tag Archives: iptabless

Assigning custom DNS server to a client with Dnsmasq, or: Using Netflix US on a Chromecast

Server, , , , ,

I have a Chromecast stick and a Netflix subscription. I do not live in the US, and the catalogue offered in my country is a lot smaller than the one in the US. There are ways to make Chromecast and Netflix think it is located in the US. One of these ways is smart DNS. I use Smart DNS Proxy for this. Instead of your provider’s DNS server, you use Smart DNS Proxy’s server, and all kinds of online services and web sites now believe you are located in the US.

This works very well for devices where you can set the DNS settings yourself. This is not possible for the Chromecast. Worse, Chromecast ignores the DNS settings from your router or provider, and always uses Google’s own DNS servers. There are ways to undo this, as described by Smart DNS proxy on their web site. The problem with this approach is that all devices within the network are then using the Smart DNS proxy servers. I wanted a way to only assign the custom proxy servers to hosts I specify. All other devices should use the default DNS servers.

If your have a router with custom firmware, this is possible. I use OpenWRT for this, but DD-WRT should work as well. As long as it is running Dnsmasq and iptables, it works. There are two things to do: 1) assign custom DNS servers to a specific client, and 2) make sure that the Chromecast can no longer use Google’s DNS server.

Assigning a custom DNS server to a client
The first step is to assign a custom DNS server to a client. This is done based on the client’s MAC address. I use Dnsmasq for that. Log in to the router via SSH or telnet and open the file /etc/dnsmasq.conf. At the end of the file, add

# Set custom DNS servers for specific hosts
dhcp-host=6c:ad:aa:aa:aa:aa,set:smartdns #Chromecast
dhcp-host=6d:ac:aa:aa:aa:aa,set:smartdns #Tablet

There should be one entry for every device that should use the custom DNS server. For every MAC address, a tag is set. Here ‘smartdns’ is used, but this can be any name.
Next, make sure that clients are actually assigned a different DNS server. This can either be done via the web interface, or on the same file mentioned above. For the graphical interface, go to Network > Interfaces > Edit LAN > DHCP Server Advanced Settings. In the field DHCP-Options, put tag:smartdns,option:dns-server,23.21.43.50,54.229.171.243. The tag name should be the same as used above. The IP addresses are the custom DNS servers to use for this client. The same can also be set in /etc/dnsmasq.conf by setting

dhcp-option=tag:smartdns,option:dns-server,23.21.43.50,54.229.171.243

To ensure that all clients actually use this order of DNS servers, and no other, Strict order should be enabled under Network > DHCP and DNS > Advanced Settings

Make Chromecast use custom DNS servers
Now that certain devices can have a custom DNS server, the next step is to make sure that Chromecast can use this, instead of Google’s DNS server. iptables is used to forward any requests from the Chromecast to Google’s DNS server to the SmartDNS servers. In OpenWRT this can be done in the web interface via Network > Firewall > Custom rules. Add the following rules (make sure the Chromecast’s MAC address and custom DNS servers are okay):

# For Chromecast, use SmartDNS nameservers
iptables -t nat -A PREROUTING -m mac --mac-source 6c:ad:aa:aa:aa:aa -d 8.8.8.8 -j DNAT --to-destination 23.21.43.50
iptables -t nat -A PREROUTING -m mac --mac-source 6c:ad:aa:aa:aa:aa -d 8.8.4.4 -j DNAT --to-destination 54.229.171.243

Restart the router, and the Chromecast should be able to play US based content. Of course, if you want to control it from your phone or tablet, also place this device behind the custom DNS servers.