[Dnsmasq-discuss] dnsmasq forwarding queries over VPN/IPSec
simon at thekelleys.org.uk
Mon Sep 28 16:03:33 BST 2009
Ken Bantoft wrote:
> I've run into a case where I'd like dnsmasq to forward queries over an
> IPSec VPN tunnel to nameservers on the far side, but this doesn't seem
> to work as expected.
> I've got 2 Interfaces - br-lan (192.168.1.1) and ppp0 (PPPoE -
> 216.x.x.x). IPsec is terminated on the same machine, so it has a
> tunnel from 192.168.0.0/24 to 10.0.0.0/8.
> dnsmasq is set to forward all queries to 10.x.x.10 and 10.x.y.10
> nameservers, which are across the tunnel in the datacenter. What I'm
> seeing with tcpdump is the requests going out the ppp0 interface, with
> the 216.x.x.x IP address. I've tried a variety of options (bind-
> interfaces, listen-address), as I really want dnsmasq to bind only to
> the br-lan interface, and use that address as the Source IP for the
> forwarded queries, but no combination I've tried does the trick.
> Any suggestions?
Stop dnsmasq from looking for servers in /etc/resolv.conf with
in /etc/dnsmasq.conf and then specify them using "server=" lines in
/etc/dnsmasq.conf like this
server=10.x.x.10 at br-lan
server=10.x.y.10 at br-lan
We've been here before....
More information about the Dnsmasq-discuss