[Dnsmasq-discuss] server-side dynamic resolving
/dev/rob0
rob0 at gmx.co.uk
Tue Aug 14 14:16:02 BST 2012
> On Mon, Aug 13, 2012 at 05:17:49PM +0200, Chris Wilson wrote:
> > Running a real DNS server and dnsmasq on the same host might be
> > be tricky. You might need to add an IP alias on the server and
> > bind bind to that alias, and dnsmasq's DNS server to the main
> > IP address.
It's not tricky at all, and it's much simpler than that. I use an
alternate port for named:
[named.conf or included file]
listen-on 127.0.0.1 port 1035;
and tell dnsmasq to ignore resolv.conf and use named as its upstream
resolver:
[dnsmasq.conf or included file]
no-resolv
server=127.0.0.1#1035
You can use multiple listen-on directives in named.conf(5) if needed.
FWIW I have posted about this on this list in the past. I like
dnsmasq as DHCP server and for the relative ease of administration.
On Mon, Aug 13, 2012 at 07:10:58PM +0200, John Hallam wrote:
> * If you are wondering, why two caches, the reason is that dnsmasq
> allows me to redirect troublemaker domains to the black hole easily,
> while dnscache is a somewhat-paranoid full recursive caching
> resolver. (The dnsmasq has to forward queries to the dnscache; the
> reverse doesn't work straightforwardly.)
FSVO "full" and "paranoid". dnscache does not support DNSSEC
signature verification, does it? Is anybody hacking on it since its
abandonment?
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
More information about the Dnsmasq-discuss
mailing list