[Dnsmasq-discuss] DNS pattern response

Eric Laganowski eric at laganowski.net
Fri Dec 4 16:27:01 GMT 2009

richardvoigt at gmail.com wrote:
> On Thu, Dec 3, 2009 at 10:06 PM, Perette Barella <perette at barella.org> wrote:
>> I think there's a misunderstanding on how the WPAD DNS version operates. The "wpad.domain.localnet" is used by the browser at startup to locate the proxy configuration file which applies to all domains.  You don't need a separate wpad.google.com and wpad.amazon.com for every domain users are trying to connect to.
>> If for some reason your local hosts are configured with different domain names (and therefore looking up wpad.google.com or wpad.amazon.com), I think we need more explanation on just what strangeness you've got going on.
> In general, I think we can say that users who have ignored the
> DHCP-provided domain and configured their own intend to opt-out of
> wpad.  Browser proxy settings are at the discretion of the user
> anyway, if you want a mandatory proxy setup you'll need to use
> iptables to accomplish that, not DNS.
> There's no need to wildcard match wpad hostnames, which are subject to
> user-side DNS caching anyway (a user who has configured for
> domain=google.com probably already has wpad.google.com cached and
> won't get information from dnsmasq).
> Any solution to this which involves DNS is inherently broken.
Guys, all I want to do is to be able to use my company-provided laptop 
at home which has proxy in the network. It is configured with a 
different domain than my local subnet for obvious reasons.
DHCP was tested and confirmed to work properly with MSIE. FF does not 
work as it relies purely on DNS (wpad). The idea is to make this as 
transparent as possible.


More information about the Dnsmasq-discuss mailing list