[Dnsmasq-discuss] dnsmasq listening on

Simon Kelley simon at thekelleys.org.uk
Tue Mar 18 17:10:37 GMT 2008

Robert Diamond wrote:
> I know that dnsmasq likes to do it's ip filtering in the user-space,
> but I'd rather be able to specify ip's for it to bind to, that show up
> in netstat. Maybe I'm just a little anal about that stuff, but it just
> doesn't look right to me :) (Yahp, I've even added iptables rules in my
> never ending effort to be crazy ^.~)
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2007q2/001322.html
> Shows some options to get the dns server part binding to an ip via the
> kernel. The dhcp server will still look like it's listening on all ip's
> (as will the dns forwarder; and possibly tftp server?).
> $ netstat -anlpA inet
> <snip>
> udp  0  0*  30768/dnsmasq
> udp  0  0*  30768/dnsmasq
> udp  0  0*  30768/dnsmasq
> udp  0  0*  30768/dnsmasq
> [Internet interface ip]:5353 is where forwarded dns queries get sent
> back to. I'd like "" to show and
> to show a.x.y.z:5353 (a.x.y.z being my internet/external ip). There was
> a patch somewhere in this list, that has been added to the code a few
> versions back that allowed multiple instances of dnsmasq to bind to
> I'd just prefer if there was a 'listen-dns; listen-dnsforward;
> listen-dhcp' (and maybe a 'listen-tftp') option that couples with
> 'bind-interface' to give my desired results.
> I'm going to be doing some looking over the code in an effort to
> include this functionality in a patch, but if someone else has done the
> work already, or if I've somehow missed an available option in my conf
> file please let me know :)

Splitting up the question:

DNS listening port - you've already solved that, with "bind-interfaces"
DNS upstream port  - That's possible, if you specify the servers via a
"server=" line in /etc/dnsmasq.conf then you can specify the local
address (and port) too.

server= at

tftp: "bind-interfaces" works for that too.

DHCP that always binds the wildcard - doing otherwise _may_ be possible,
but be prepared for much testing and strange behaviour. For instance,
you need to be able to receive packets whose destination address in



More information about the Dnsmasq-discuss mailing list