3

(adapted from the dnsmasq mailing list, whose archive seems to be down, so I am not sure it is still active)

Hello,

I set up dnsmasq on my home network to replace the isc/bind legacy system :) when changing the architecture. The setup relies on a Debian box which acts as the router/firewall/"master of all truth" (DNS, ntp, ...):

  • an ADSL access to Internet with the public IP assigned to eth1
  • a wired network 192.168.0.0/24 bound to eth0 (which has the 192.168.0.10 address)
  • a wired network 192.168.1.0/24 bound to wlan3 (which has the 192.168.1.10 address)
  • the domain name for the internal network is "home"
  • firewalling is handled by shorewall

The dnsmasq configuration is:

domain-needed
bogus-priv
local=/home/
expand-hosts
domain=home
dhcp-range=eth1,192.168.0.70,192.168.0.150,240h,set:lan
dhcp-range=wlan3,192.168.1.10,192.168.1.50,240h,set:wifi
dhcp-option=42,0.0.0.0
dhcp-option=27,1
dhcp-option=19,0           # option ip-forwarding off
dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0     # netbios datagram distribution server
dhcp-option=46,8           # netbios node type
dhcp-option=252,"\n"
dhcp-option=vendor:MSFT,2,1i
dhcp-authoritative

What works:

  • clients in the subnets (both wired and wireless) get IP addresses via DHCP in the expected ranges
  • external (Internet = forwarded) DNS resolution works for these clients and for the server

What does not work:

  • the "home" domain name does not seem to be correctly handled. /etc/hosts has a 192.168.0.10 server.home entry which is apparently not used by dnsmasq, i.e. dig server does not return the name, dig server.home does not either.
  • I did not manage to send a name resolution dependent on the network it is sent to. Namely the server entry above should ideally be pointing to 192.168.0.10 for the wired and 192.168.1.10 for the wireless network. The setup today works but is not really correct (the traffic to the server from the wireless network reaches the server through the wired interface).

I am sure that this is something obvious but I am brand new to dnsmasq and would appreciate very much any pointers. There was a similar question some time ago but the accepted answer would suggest that dnsmasq is not handling these basic requirements (local domain, PTR updates) properly (?)

Thank you

2 Answers

3

I finally solved the first and key problem by:

  • copying /etc/resolv.conf to /etc/resolv.dnsmasq
  • setting only one nameserver 127.0.0.1 line in /etc/resolv.conf
  • in /etc/dnsmasq.conf I added resolv-file=/etc/resolv.dnsmasq

This forces the server to resolve DNS names on the local DNS ...

... which is dnsmasq ...

... which uses upstream servers defined in /etc/resolv.dnsmasq

The second problem remains but it is of lesser importance.

1
  • 1
    Thanks to Simon Kelley (the author of dnsmasq) the second problem is solved as well: localise-queries must be added to the dnsmasq configuration file (details are in man dnsmasq)
    – WoJ
    Commented Jul 29, 2012 at 18:03
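
The effect of localise-queries on the question's server.home entry, modelled in Python from the behaviour the dnsmasq man page describes; this is an added example, not dnsmasq's code and not part of the original posts. It assumes /etc/hosts lists server.home once per subnet (constructed sample content); the interface names and addresses are the ones given in the question.

```python
"""Model of dnsmasq's localise-queries answer selection (added example)."""
import ipaddress

# Constructed /etc/hosts content: the same name listed once per subnet.
HOSTS = """\
127.0.0.1    localhost
192.168.0.10 server.home server
192.168.1.10 server.home server
"""

# Interface addresses taken from the question.
INTERFACES = {
    "eth0": ipaddress.ip_interface("192.168.0.10/24"),
    "wlan3": ipaddress.ip_interface("192.168.1.10/24"),
}


def parse_hosts(text):
    """Return {name: [address, ...]} from hosts-file text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        addr = ipaddress.ip_address(fields[0])
        for name in fields[1:]:
            table.setdefault(name.lower(), []).append(addr)
    return table


def localise(name, arrival_iface, hosts=HOSTS, interfaces=INTERFACES):
    """Addresses to answer with for a query received on arrival_iface."""
    addrs = parse_hosts(hosts).get(name.lower().rstrip("."), [])
    subnet = interfaces[arrival_iface].network
    local = [a for a in addrs if a in subnet]
    # At least one address on the arrival subnet: return only those.
    # Otherwise fall back to every address known for the name.
    return local or addrs


if __name__ == "__main__":
    for iface in INTERFACES:
        print(iface, [str(a) for a in localise("server.home", iface)])
```

With a single 192.168.0.10 server.home line, as in the question, both interfaces get 192.168.0.10 back, which is the wireless-to-wired path the question describes.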
0

"copying /etc/resolv.conf to /etc/resolv.dnsmasq"

This is only useful on Debian. A decent non-intrusive setup lets dnsmasq read the resolv.conf file, which should start with 127.0.0.1.

The home domain probably does not work because of your search settings in /etc/resolv.conf (not the one dnsmasq currently uses).
