[Dnsmasq-discuss] dnsmasq, NetworkManager and VPNs

Simon Kelley simon at thekelleys.org.uk
Thu Mar 6 11:28:23 UTC 2014


On 06/03/14 01:39, Tony Breeds wrote:
> Hi All,
>          I'm a new user of dnsmasq and I can't see an easy way to do what
> I want to do.
>
> My situation is (probably not that uncommon) I need to connect to a work
> VPN and while I'm connected to said VPN I need to query work's DNS
> servers for company.com addresses but all other queries should go
> through my normal (as supplied by DHCP) DNS servers.
>
> I tried adding a config file like:
> server=/company.com/DNS_SERVER_1 at interface
> server=/company.com/DNS_SERVER_2 at interface
> server=/I.P.ADDR.in-addr.arpa/DNS_SERVER_1 at interface
> server=/I.P.ADDR.in-addr.arpa/DNS_SERVER_2 at interface
>
> Now my problem is that if that file exists when dnsmasq starts and my
> VPN interface isn't up, dnsmasq prints an error and exits.  This is
> especially painful as I'm starting dnsmasq from NetworkManager (by
> setting dns=dnsmasq in the NetworkManager config file)
>
> I can run a script that adds and removes the config file on VPN up/down
> events but I can't find a way to re-read all the config files for a
> running dnsmasq process.
>
> My next thought was to use the dbus interface to "inject" the above
> configuration to the running dnsmasq server, but I don't see a syntax
> that will remove the configuration when I take down my VPN.

Answering the "how do I remove configuration" question specifically,
You call the DBus method again with a different list. Each time you call 
the DBus method, all the upstream servers which were installed _by DBus_ 
are purged,,  and the new set installed in their stead.
>
> So any advice? this must be possible, perhaps I just need to be more
> creative.

Dave, advice is good. Check the Networkmanager docs carefully in case it 
supports this already. I have a vague feeling but not evidence that it 
should. I think NM starts dnsmasq with the --bind-interfaces flag. If 
you can convince it not to do that, you may avoid the error at startup.


Cheers,

Simon.

>
> Tony.
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>




More information about the Dnsmasq-discuss mailing list