[Dnsmasq-discuss] DNSmasq on a VPS instead of bind
marsepein at gmail.com
Sat Jan 6 01:47:32 GMT 2007
Some followup issues:
# If you want dnsmasq to listen for DHCP and DNS requests only on
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.
# Repeat the line for more than one interface.
# Or you can specify which interface _not_ to listen on
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
# If you want dnsmasq to provide only DNS service on an interface,
# configure it as shown above, and then use the following line to
# disable DHCP on it.
In the above, what do I do?
I have two physical network interfaces on the machine:
venet0:0 ... inet addr: 88.1x.2x.8x
venet0:1 ... inet addr: 88.1x.2x.9x
they are both connected to the world and should not allow requests
from the outside going in (the other way around is of course needed
Then I have the one non-physical interface, 127.0.0.1 i.e. localhost.
Which one do I enter what way in the interfaces config?
I also need none of them to echo anything on DHCP.
Can I disable DHCP for dnsmasq entirely with a switch?
And then, also: Carlos Carvalho <carlos at fisica.ufpr.br> wrote:
> Yes, use no-resolv and no-poll, plus server = <ipaddr> in the config.
> If you want certain domains answered by certain servers you can do
> server = /domain/<ipaddr>.
What is the syntax for 3 addresses? (This is not very clear to me
from the manual or example config. How should the user know what
the devloper likes to use? I for one see this "/" used for the first time.)
Is this what it should look like:
server = /18.104.22.168/22.214.171.124/126.96.36.199
> You have to tell the MTA which domains the machine responsible for,
> and then it won't look anywhere and do local delivery directly. The
> dns (whatever it is) is not the place to do this.
Not only MTAs, there are virus and spamfilters etc.
many applications that can throw in a local domain,
and then - to me anyway - it's unclear what happens
with the resolving if it's a local domain.
If it resolves to the public IP, will it then go through the NIC and back?
What physical routes do the packets actually take?
> ># Add domains which you want to force to an IP address here.
> ># The example below send any host in doubleclick.net to a local
> ># webserver.
> >(and how do I enter more names and more IPs?)
> Use other address lines but as I said I don't recommend in this case.
OK, so the /etc/hosts file does that.
> That's fine.
But does that suffice? Will it block DNS requests from outside?
I never really understood that, since packets simply go straight
from the NIC address to localhost. At what layer does dnsmasq
'block' queries? Does it function as a software firewall in that regard?
Thanks for your interest in my noob dnsmasq questions.
More information about the Dnsmasq-discuss