FRITZ!Box 5490 Service - Knowledge Base
No DNS resolution of private IP addresses
The FRITZ!Box cannot be used for DNS resolution of domain names that point to private IP addresses in the FRITZ!Box home network. This means that the domain name cannot be used to access server services in the FRITZ!Box home network. One of the following error messages may be displayed:
- "DNS timed out"
- "DNS request timed out"
A computer in the FRITZ!Box home network (192.168.178.29) cannot access a web server in the same home network because the DNS request for this web server (my_domain.de) is answered with an IP address in the same home network (192.168.178.20).
- For security reasons, the FRITZ!Box suppresses DNS responses that refer to IP addresses in its own home network. This is a security function of the FRITZ!Box to protect against what are known as "DNS rebinding attacks".
1 Configuring the FRITZ!Box
- Click "Home Network" in the FRITZ!Box user interface.
- Click "Home Network Overview" in the "Home Network" menu.
- Click on the "Network Settings" tab.
- In the "Domain name exceptions" field, enter the name of the domain (for example my_domain) for which DNS rebind protection should not apply. If you would like to enter several domain names as exceptions, separate the domain names from each other with a line break.
- Click "Apply" to save the settings.
Now DNS requests for domain names contained in the list of exceptions will receive a response even if the DNS response points to an IP address in the FRITZ!Box home network.
Important:If you configure exceptions for DNS rebind protection in the FRITZ!Box, you should use a firewall on every computer in the home network.