[Dnsmasq-discuss] dnsmasq forwarding queries over VPN/IPSec
Ken Bantoft
ken at netfunctional.ca
Mon Sep 28 15:45:52 BST 2009
Hi,
I've run into a case where I'd like dnsmasq to forward queries over an
IPSec VPN tunnel to nameservers on the far side, but this doesn't seem
to work as expected.
I've got 2 Interfaces - br-lan (192.168.1.1) and ppp0 (PPPoE -
216.x.x.x). IPsec is terminated on the same machine, so it has a
tunnel from 192.168.0.0/24 to 10.0.0.0/8.
dnsmasq is set to forward all queries to 10.x.x.10 and 10.x.y.10
nameservers, which are across the tunnel in the datacenter. What I'm
seeing with tcpdump is the requests going out the ppp0 interface, with
the 216.x.x.x IP address. I've tried a variety of options (bind-
interfaces, listen-address), as I really want dnsmasq to bind only to
the br-lan interface, and use that address as the Source IP for the
forwarded queries, but no combination I've tried does the trick.
Any suggestions?
Ken
More information about the Dnsmasq-discuss
mailing list