
I have a server on my network. Accessing it from devices outside the network by domain name works perfectly. Some devices though, like my phone, connect to the network by wifi, and when they do, they fail to look up that the domain name should point to a specific internal IP address. (This is because my ISP-provided router lacks the ability to do hairpinning).

I cannot edit /etc/hosts on the devices connecting by wifi, although I can on the server.

To try and work around this, I'm trying to replace my router's default DNS server with DNSmasq on my server.

I want DNSmasq to forward all requests for my domains to itself, and any other domains to a public dns lookup service like openDNS.

Essentially, I'd like devices like phones that connect to my WiFi to still be able to connect to my domains, despite no hairpinning on my router, and no ability to edit the phones' /etc/hosts files.

Currently, the only things I've changed are that:

  1. The router's DNS server IPs point to my server's static, internal IP.
  2. The server has my domains pointing to its own static internal IP in /etc/hosts
  3. I've opened ports 52-54 and pointed them to my server (although it's also currently DMZ'd, so that shouldn't matter)
  4. /etc/host, /etc/resolv.conf and /etc/dnsmasq.conf are all still default.

Currently all requests for any of my domains time out, by any device on the network, where I haven't modified the /etc/hosts file.

Any suggestions?

For the record I'm running Debian 8 with Nginx on a Bell Smartstream 2000 modem.

  • 52-54? What's the purpose of that? The only port used by standard DNS from that range is 53. Commented Oct 7, 2018 at 16:55
  • 52-54 was just because for whatever reason, my router will only allow a range of ports to be forwarded, not just one. If I try and just enter port 53 it won't save it. If I enter 52-54 it does. ¯_(ツ)_/¯ Commented Nov 24, 2018 at 16:42

1 Answer


In dnsmasq, use the address option.

-A, --address=/<domain>[/<domain>...]/[<ipaddr>]

Specify an IP address to return for any host in the given domains. Queries in the domains are never forwarded and always replied to with the specified IP address which may be IPv4 or IPv6. To give both IPv4 and IPv6 addresses for a domain, use repeated -A flags.

For example:

address=/example.com/www.example.com/192.168.1.42

In Unbound, use the local-zone and local-data options. For example:

server:
    local-data: "example.com. A 192.168.1.42"
    local-data: "www.example.com. A 192.168.1.42"
  • I tried adding this (with the domain names changed from your example) to /etc/dnsmasq.conf and still get the same result. Locally hosted sites work fine. Anything else times out. Here's the traceroute from my router for wikipedia.org: pastebin.com/zaSyiEJR Commented Nov 24, 2018 at 16:57
  • What does the traceroute have to do with anything? The path to the website – how the HTTP requests are sent – is completely separate from how the DNS queries are performed. You need to be more specific about which of them actually times out. Commented Nov 24, 2018 at 17:02
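One way to put the answer's `address=` line into a complete split-horizon dnsmasq configuration for the situation described in the question, as an added example that is not part of the answer or of dnsmasq's own documentation. The server's LAN address `192.168.1.10`, its LAN interface `eth0`, the domain `example.com` and the OpenDNS resolver addresses are assumptions.

```conf
# /etc/dnsmasq.conf (example; all addresses and names are assumed)

# Answer only on the LAN. The question mentions forwarding ports 52-54 and
# a DMZ to this host; without binding to the internal interface dnsmasq
# would also answer queries arriving from the Internet (an open resolver).
interface=eth0
bind-interfaces
listen-address=192.168.1.10

# Do not take upstream servers from /etc/resolv.conf; name them explicitly
# (OpenDNS, as the question suggests; addresses assumed).
no-resolv
server=208.67.222.222
server=208.67.220.220

# Split horizon: the bare domain and every subdomain of example.com resolve
# to the server's internal address and are never forwarded upstream, so
# WiFi clients skip the router hairpin entirely.
address=/example.com/192.168.1.10

# Never forward unqualified names or reverse lookups of private ranges,
# so internal labels do not leak to the public resolvers.
domain-needed
bogus-priv

# Log each query while debugging the timeouts reported in the question.
log-queries
```

After restarting dnsmasq, `dig @192.168.1.10 www.example.com` from a WiFi client should return 192.168.1.10 and `dig @192.168.1.10 wikipedia.org` should return the public address; if only the second query times out, the fault is in upstream forwarding or a host firewall, not in the `address=` line.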
