Dnsmasq: how to handle the local domain (A, PTR)

dnsmasq

(adapted from the dnsmasq mailing list, whose archive seems to be down, so I am not sure it is still active)

Hello,

I set up dnsmasq on my home network to replace the isc/bind legacy
system 🙂 when changing the architecture. The setup relies on a debian box
which acts as the router/firewall/"master of all truth" (DNS, ntp,
…):

  • an ADSL access to Internet with the public IP assigned to eth1
  • a wired network 192.168.0.0/24 bound to eth0 (which has the
    192.168.0.10 address)
  • a wired network 192.168.1.0/24 bound to wlan3 (which has the
    192.168.1.10 address)
  • the domain name for the internal network is "home"
  • firewalling is handled by shorewall

The dnsmasq configuration is:

domain-needed
bogus-priv
local=/home/
expand-hosts
domain=home
dhcp-range=eth1,192.168.0.70,192.168.0.150,240h,set:lan
dhcp-range=wlan3,192.168.1.10,192.168.1.50,240h,set:wifi
dhcp-option=42,0.0.0.0
dhcp-option=27,1
dhcp-option=19,0           # option ip-forwarding off
dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0     # netbios datagram distribution server
dhcp-option=46,8           # netbios node type
dhcp-option=252,"\n"
dhcp-option=vendor:MSFT,2,1i
dhcp-authoritative

What works:

  • clients in the subnets (both wired and wireless) get IP addresses
    via DHCP in the expected ranges
  • external (Internet = forwarded) DNS resolution works for these
    clients and for the server

What does not work:

  • the "home" domain name does not seem to be correctly handled.
    /etc/hosts has a 192.168.0.10 server.home entry which is apparently not used by dnsmasq, i.e. dig server does not return the name, and dig server.home does not either.
  • I did not manage to send a name resolution dependent on the network it is sent to. Namely, the server entry above should ideally be pointing to 192.168.0.10 for the wired and 192.168.1.10 for the wireless network. The setup today works but is not really correct (the traffic to the server from the wireless network reaches the server through the wired interface).

I am sure that this is something obvious but I am brand new to dnsmasq
and would appreciate very much any pointers. There was a similar question some time ago but the accepted answer would suggest that dnsmasq is not handling these basic requirements (local domain, PTR updates) properly (?)

Thank you

Best Answer

I finally solved the first and key problem by:

  • copying /etc/resolv.conf to /etc/resolv.dnsmasq
  • setting only one nameserver 127.0.0.1 line in /etc/resolv.conf
  • in /etc/dnsmasq.conf I added resolv-file=/etc/resolv.dnsmasq

This forces the server to resolve DNS names on the local DNS ...

... which is dnsmasq ...

... which uses upstream servers defined in /etc/resolv.dnsmasq

The second problem remains but it is of lesser importance.
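
The three steps in the answer above can be verified with a small check. This is an added example, not part of the original post; the function names check_dnsmasq_split and nameservers are made up for illustration, and the file paths are passed as arguments.

```shell
#!/bin/sh
# Added example: checks the resolver layout described in the answer.
# Hypothetical helper names; not part of dnsmasq.

# Print the nameserver addresses found in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# check_dnsmasq_split SYSTEM_RESOLV DNSMASQ_CONF
# Returns 0 when the layout matches the answer, 1 otherwise.
check_dnsmasq_split() {
    sys_resolv=$1
    dnsmasq_conf=$2
    rc=0

    # The host itself must ask only the local dnsmasq.
    if [ "$(nameservers "$sys_resolv")" != "127.0.0.1" ]; then
        echo "FAIL: $sys_resolv must hold exactly one nameserver, 127.0.0.1"
        rc=1
    fi

    # dnsmasq must take its upstream servers from a separate file.
    # Simplification: only the last resolv-file= line is considered.
    upstream=$(sed -n 's/^[[:space:]]*resolv-file=//p' "$dnsmasq_conf" | tail -n 1)
    if [ -z "$upstream" ]; then
        echo "FAIL: no resolv-file= line in $dnsmasq_conf"
        return 1
    fi
    if [ ! -r "$upstream" ]; then
        echo "FAIL: cannot read $upstream"
        return 1
    fi
    if [ "$upstream" = "$sys_resolv" ]; then
        echo "FAIL: resolv-file points at the system resolver file"
        rc=1
    fi

    # The upstream file needs real servers; loopback is not an upstream.
    up_ns=$(nameservers "$upstream")
    [ -n "$up_ns" ] || { echo "FAIL: no nameserver in $upstream"; rc=1; }
    for ns in $up_ns; do
        case $ns in
            127.*|::1) echo "FAIL: loopback $ns listed in $upstream"; rc=1 ;;
        esac
    done
    return $rc
}
```

On the server from the answer it would be called as check_dnsmasq_split /etc/resolv.conf /etc/dnsmasq.conf.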
