[Dnsmasq-discuss] Setting the "domain" value depending on the subnet?

richardvoigt at gmail.com richardvoigt at gmail.com
Wed Jun 22 04:03:45 BST 2011


The man page says you can configure a domain suffix for each range:

-s, --domain=<domain>[,<address range>[,local]]
Specifies DNS domains for the DHCP server. Domains may be given
unconditionally (without the IP range) or for limited IP ranges. This
has two effects; firstly it causes the DHCP server to return the
domain to any hosts which request it, and secondly it sets the domain
which it is legal for DHCP-configured hosts to claim. The intention is
to constrain hostnames so that an untrusted host on the LAN cannot
advertise its name via dhcp as e.g. "microsoft.com" and capture
traffic not meant for it. If no domain suffix is specified, then any
DHCP hostname with a domain part (ie with a period) will be disallowed
and logged. If suffix is specified, then hostnames with a domain part
are allowed, provided the domain part matches the suffix. In addition,
when a suffix is set then hostnames without a domain part have the
suffix added as an optional domain part. Eg on my network I can set
--domain=thekelleys.org.uk and have a machine whose DHCP hostname is
"laptop". The IP address for that machine is available from dnsmasq
both as "laptop" and "laptop.thekelleys.org.uk". If the domain is
given as "#" then the domain is read from the first "search" directive
in /etc/resolv.conf (or equivalent).
The address range can be of the form <ip address>,<ip address> or <ip
address>/<netmask> or just a single <ip address>. See --dhcp-fqdn
which can change the behaviour of dnsmasq with domains.

If the address range is given as ip-address/network-size, then an
additional flag "local" may be supplied which has the effect of adding
--local declarations for forward and reverse DNS queries. Eg.
--domain=thekelleys.org.uk,192.168.0.0/24,local is identical to
--domain=thekelleys.org.uk,192.168.0.0/24 --local=/thekelleys.org.uk/
--local=/0.168.192.in-addr.arpa/ The network size must be 8, 16 or 24
for this to be legal.

On Tue, Jun 21, 2011 at 7:36 PM, Jamie Begin
<jjbegin at rightbrainnetworks.com> wrote:
> I apologize if this is a frequent question, but I couldn't find any decent
> keywords to search with ("domain" is too broad).
>
> I have something similar to this in my config:
> interface=vlan191,lan
> interface=vlan192,wifi
> dhcp-range=lan,192.168.1.200,192.168.1.250,12h
> dhcp-range=wifi,192.168.2.200,192.168.2.220,12h
>
> I'd like to be able to set something like this:
> domain=lan,lan.mycompany.com
> domain=wifi,wifi.mycompany.com
>
> However, it doesn't appear that I can have more than one "domain" directive
> in the config, since I get the following error: "dnsmasq: illegal repeated
> keyword at line 128 of /etc/dnsmasq.conf" Is there a workaround?
>
>
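Added example, not part of the original message and not dnsmasq's own code: a small Python model of the hostname rule in the man page text quoted above, applied to per-subnet --domain values written in the quoted syntax. The function names are hypothetical, the config is constructed from the subnets in the question, and choosing the suffix by the client's leased address is an assumption of this model.

```python
import ipaddress

def parse_domain(value):
    """Parse one --domain value: <domain>[,<address range>[,local]]."""
    parts = [p.strip() for p in value.split(",")]
    if parts[-1] == "local":           # flag only adds --local, no effect on name checks
        parts.pop()
    domain, rng = parts[0].lower().rstrip("."), parts[1:]
    if not rng:                        # unconditional domain
        return domain, None
    if len(rng) == 2:                  # <ip address>,<ip address>
        lo, hi = (ipaddress.ip_address(a) for a in rng)
        return domain, (lo, hi)
    if "/" in rng[0]:                  # <ip address>/<netmask> or /<network-size>
        net = ipaddress.ip_network(rng[0], strict=False)
        return domain, (net.network_address, net.broadcast_address)
    ip = ipaddress.ip_address(rng[0])  # single <ip address>
    return domain, (ip, ip)

def domain_for(rules, client_ip):
    """Suffix for a leased address: first matching range, else the unconditional one."""
    ip = ipaddress.ip_address(client_ip)
    default = None
    for domain, rng in rules:
        if rng is None:
            default = default or domain
        elif rng[0] <= ip <= rng[1]:
            return domain
    return default

def dns_names(rules, client_ip, claimed):
    """Names served for a DHCP hostname; [] means the claim is disallowed."""
    claimed = claimed.lower().rstrip(".")
    host, _, claimed_domain = claimed.partition(".")
    suffix = domain_for(rules, client_ip)
    if claimed_domain:
        # A domain part is legal only when it equals the configured suffix.
        return [host, claimed] if suffix and claimed_domain == suffix else []
    # Unqualified names get the suffix added as an optional domain part.
    return [host, f"{host}.{suffix}"] if suffix else [host]

# Constructed config: one --domain value per subnet from the question.
RULES = [parse_domain(v) for v in (
    "lan.mycompany.com,192.168.1.0/24",
    "wifi.mycompany.com,192.168.2.0/24",
)]
```

In this model a client on 192.168.1.0/24 that claims "microsoft.com" or "pc.wifi.mycompany.com" gets no name registered, while "laptop" on the wifi range resolves as both "laptop" and "laptop.wifi.mycompany.com".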


