(adapted from the dnsmasq mailing list, whose archive seems to be down so I am not sure it is still active)
Hello,
I set up dnsmasq on my home network to replace the isc/bind legacy
system 🙂 when changing the architecture. The setup relies on a debian box
which acts as the router/firewall/"master of all truth" (DNS, ntp,
…):
- an ADSL access to Internet with the public IP assigned to eth1
- a wired network 192.168.0.0/24 bound to eth0 (which has the
192.168.0.10 address)
- a wired network 192.168.1.0/24 bound to wlan3 (which has the
192.168.1.10 address)
- the domain name for the internal network is "home"
- firewalling is handled by shorewall
The dnsmasq configuration is:
domain-needed
bogus-priv
local=/home/
expand-hosts
domain=home
dhcp-range=eth1,192.168.0.70,192.168.0.150,240h,set:lan
dhcp-range=wlan3,192.168.1.10,192.168.1.50,240h,set:wifi
dhcp-option=42,0.0.0.0
dhcp-option=27,1
dhcp-option=19,0 # option ip-forwarding off
dhcp-option=44,0.0.0.0 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0 # netbios datagram distribution server
dhcp-option=46,8 # netbios node type
dhcp-option=252,"\n"
dhcp-option=vendor:MSFT,2,1i
dhcp-authoritative
What works:
- clients in the subnets (both wired and wireless) get IP addresses
via DHCP in the expected ranges
- external (Internet = forwarded) DNS resolution works for these
clients and for the server
What does not work:
- the "home" domain name does not seem to be correctly handled. /etc/hosts has a 192.168.0.10 server.home entry which is not apparently used by dnsmasq, i.e. dig server does not return the name, dig server.home does not either.
- I did not manage to send a name resolution dependent on the network it is sent to. Namely the server entry above should ideally be pointing to 192.168.0.10 for the wired and 192.168.1.10 for the wireless network. The setup today works but is not really correct (the traffic to the server from the wireless network reaches the server through the wired interface).
I am sure that this is something obvious but I am brand new to dnsmasq
and would appreciate very much any pointers. There was a similar question some time ago but the accepted answer would suggest that dnsmasq is not handling these basic requirements (local domain, PTR updates) properly (?)
Thank you
Best Answer
I finally solved the first and key problem by:
- /etc/resolv.conf to /etc/resolv.dnsmasq
- nameserver 127.0.0.1 line in /etc/resolv.conf
- /etc/dnsmasq.conf I added resolv-file=/etc/resolv.dnsmasq
This forces the server to resolve DNS names on the local DNS ...
... which is dnsmasq ...
... which uses upstream servers defined in /etc/resolv.dnsmasq
The second problem remains but it is of lesser importance.
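
One way to check the end state the answer describes (host resolver pointing at 127.0.0.1, dnsmasq reading its upstream servers from a separate resolv-file). This is an added example, not part of the original post; the function name check_chain, the temporary file paths and the 192.0.2.x upstream addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Checks the chain:
#   host resolver -> loopback (dnsmasq) -> upstreams listed in resolv-file
# Usage: check_chain RESOLV_CONF DNSMASQ_CONF ; returns 0 when consistent.
check_chain() {
    cc_resolv=$1
    cc_dnsmasq=$2

    # 1. The host must send its own lookups to the local dnsmasq first.
    cc_first=$(awk '$1 == "nameserver" { print $2; exit }' "$cc_resolv")
    case $cc_first in
        127.*|::1) ;;
        *) echo "FAIL: first nameserver in $cc_resolv is '${cc_first:-none}'"
           return 1 ;;
    esac

    # 2. dnsmasq must take its upstreams from a separate file
    #    (only the first resolv-file= line is checked here).
    cc_up=$(sed -n 's/^[[:space:]]*resolv-file=//p' "$cc_dnsmasq" | head -n 1)
    if [ -z "$cc_up" ] || [ "$cc_up" = "$cc_resolv" ]; then
        echo "FAIL: $cc_dnsmasq has no resolv-file= pointing away from $cc_resolv"
        return 2
    fi

    # 3. That file needs at least one non-loopback server; a loopback-only
    #    list would just point dnsmasq back at itself.
    cc_n=0
    if [ -r "$cc_up" ]; then
        cc_n=$(awk '$1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" { n++ }
                    END { print n + 0 }' "$cc_up")
    fi
    if [ "$cc_n" -eq 0 ]; then
        echo "FAIL: no usable upstream nameserver in $cc_up"
        return 3
    fi
    echo "OK: $cc_resolv -> dnsmasq -> $cc_n upstream(s) from $cc_up"
}

# Constructed sample files mirroring the end state described in the answer.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'nameserver 127.0.0.1\n' > "$demo/resolv.conf"
printf 'nameserver 192.0.2.53\nnameserver 192.0.2.54\n' > "$demo/resolv.dnsmasq"
printf 'domain=home\nresolv-file=%s\n' "$demo/resolv.dnsmasq" > "$demo/dnsmasq.conf"
check_chain "$demo/resolv.conf" "$demo/dnsmasq.conf"
```

On the real box the call would be check_chain /etc/resolv.conf /etc/dnsmasq.conf.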