[Dnsmasq-discuss] Recursive DNS on dnsmasq

Jeroen van der Ham vdham at uva.nl
Tue Feb 25 17:36:17 UTC 2014


On 25 Feb 2014, at 17:04, Albert ARIBAUD <albert.aribaud at free.fr> wrote:
> It is possible, however I think it is not the province of dnsmasq
> itself, but of packagers who integrate dnsmasq in distributions -- and of system admins, who can and should go beyond simply installing the package.

The problem is that dnsmasq is now increasingly being used on systems where you have less than clueful system administrators. You see now that OpenWRT includes it in their system, but also newer versions of Ubuntu come with it installed by default.

dnsmasq serves as a DHCP and DNS server, so it should really know for who it should serve recursive queries, right?

> Personally, I have configured not only dnsmasq but also iptables and ip6tables so that my local dnsmasq does not serve as an open DNS.

I assume a secure by default configuration for almost everything I install.


More information about the Dnsmasq-discuss mailing list