2

I am new and am experimenting with hosting LAMP servers. I have hosted an Apache server on a Fedora 24 machine. For fun, I wanted to have a domain name for the server, say, www.testpage.ac.in. Now, I figured that having a corresponding name-resolving entry in my /etc/hosts file would be of help. And it worked. I further wanted to extend the same to all other machines running on my LAN. While making a similar entry in the corresponding /etc/hosts file of all other computers would have been easier, I wanted to do things differently. I wanted to have a DNS kind of functionality. Since I do not want to change the configuration settings of our institution's router, I decided to experiment with dnsmasq after learning about it online. So, here is what my config files look like:

/etc/hosts

192.168.1.190 www.testpage.ac.in    
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4    
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

/etc/resolv.conf

nameserver 127.0.0.1

/etc/dnsmasq-resolv.conf

nameserver 8.8.8.8
nameserver 192.168.1.1 

/etc/dnsmasq.conf

resolv-file=/etc/dnsmasq-resolv.conf
interface=enp2s0
listen-address=127.0.0.1

Output from journalctl -u dnsmasq

Mar 29 20:04:26 AUTO dnsmasq[3398]: started, version 2.76 cachesize 150
Mar 29 20:04:26 AUTO dnsmasq[3398]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop
Mar 29 20:04:26 AUTO dnsmasq[3398]: reading /etc/dnsmasq-resolv.conf
Mar 29 20:04:26 AUTO dnsmasq[3398]: using nameserver 8.8.8.8#53
Mar 29 20:04:26 AUTO dnsmasq[3398]: using nameserver 192.168.1.1#53
Mar 29 20:04:26 AUTO dnsmasq[3398]: read /etc/hosts - 2 addresses

Next, I changed the DNS settings of every other computer on LAN to that of the host machine (192.168.1.190).

/etc/resolv.conf of all other machines

nameserver 192.168.1.190

I am able to access www.testpage.ac.in from the host machine (192.168.1.190). I can also access the internet from this machine.

I expect to access the internet, as I normally do, from every other computer on my LAN, but am unable to do so. Also, I cannot access the hosted server by its domain name (www.testpage.ac.in), while I can do so if I enter its IP address.

I believe that the computers on my LAN are not able to resolve the DNS queries properly which is effectively causing trouble. Any insight on the issue will be greatly appreciated.

1
  • Have you allowed DNS traffic (TCP and UDP port 53) through your computer's firewall?
    – Moshe Katz
    Commented Apr 4, 2017 at 5:49

1 Answer

2

I postulate you have a firewall on the machine you are using as a server which is blocking inbound requests on port 53 (DNS). From a command line, run iptables -vnL to have a look at the setup of your firewall. You can temporarily use

iptables -I INPUT -p udp --dport 53 -j ACCEPT 
iptables -I INPUT -p tcp --dport 53 -j ACCEPT

to allow traffic on port 53 through your firewall.

Also check that your dnsmasq.conf file either does not have any "interface=" lines, or that there is a line for your LAN Interface.

2
  • Isn't opening port 53 or 80 a bad idea? I think it involves security issues.
    – Shayan
    Commented Sep 1, 2019 at 20:22
  • 1
    @Shayan security is about tradeoffs. If you want a server to run, you need to give access to it. Also, if the server is behind a NATTED LAN as is the case here, the scope for compromise is very limited (by virtue of the fact that someone needs to be on the LAN to get to the relevant IP). Opening a port is not inherently insecure - but you are correct it can have risks (depending on the port).
    – davidgo
    Commented Sep 1, 2019 at 20:46
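
The firewall point in the answer and the trade-off raised in the comments can be checked offline. This is an added example, not part of the original posts: a small first-match evaluator over constructed `iptables -S INPUT` listings, showing why the answer inserts with `-I` rather than appending, and what limiting the rule to the LAN changes. The base ruleset, the client addresses and the 192.168.1.0/24 subnet are assumptions.

```python
import ipaddress
import shlex

# Constructed `iptables -S INPUT` listing for a host that rejects unsolicited
# inbound traffic (an assumption; the asker's real ruleset is not on the page).
POLICY = "-P INPUT ACCEPT\n"
BASE = (
    "-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n"
    "-A INPUT -i lo -j ACCEPT\n"
    "-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT\n"
    "-A INPUT -j REJECT --reject-with icmp-host-prohibited\n"
)

def dns_rules(scope=""):
    """Port 53 ACCEPT rules (UDP and TCP) as `iptables -S` prints them."""
    return "".join(
        f"-A INPUT{scope} -p {p} -m {p} --dport 53 -j ACCEPT\n" for p in ("udp", "tcp")
    )

BEFORE = POLICY + BASE
OPEN = POLICY + dns_rules() + BASE        # the answer's `-I INPUT` rules
APPENDED = POLICY + BASE + dns_rules()    # same rules added with -A instead
# Assumption: the LAN is 192.168.1.0/24 on enp2s0.
SCOPED = POLICY + dns_rules(" -s 192.168.1.0/24 -i enp2s0") + BASE

def verdict(ruleset, src, iface, proto, dport):
    """First-match verdict for a NEW inbound packet (no `!` negation support)."""
    policy = "ACCEPT"
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # every option here takes one value
        hit = (
            ("-s" not in opts or ipaddress.ip_address(src) in ipaddress.ip_network(opts["-s"]))
            and opts.get("-i", iface) == iface
            and opts.get("-p", proto) == proto
            and opts.get("--dport", str(dport)) == str(dport)
            and ("--ctstate" not in opts or "NEW" in opts["--ctstate"].split(","))
        )
        if hit and opts.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return opts["-j"]
    return policy

if __name__ == "__main__":
    for name, rs in [("before", BEFORE), ("open", OPEN), ("appended", APPENDED), ("scoped", SCOPED)]:
        lan = verdict(rs, "192.168.1.23", "enp2s0", "udp", 53)
        other = verdict(rs, "203.0.113.7", "enp2s0", "udp", 53)
        print(f"{name:9} LAN client: {lan:7} off-LAN source: {other}")
```

The scoped listing corresponds to adding `-s 192.168.1.0/24 -i enp2s0` to the two `iptables -I INPUT` commands in the answer.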
