[Dnsmasq-discuss] Configure to return external IP instead of internal one

Brad Morgan b-morgan at concentric.net
Sun Aug 3 19:28:45 BST 2014

> Hi, I recently got a router running dd-wrt firmware, which includes dnsmasq as its DHCP and DNS server.

> I have my router as a NAT, and it has an external IP, let's say and an internal IP, I have also a domain name registered
> (3rd party DNS server, naturally outside of my LAN) that points to

> I'm running a web server behind the NAT, and I have set the port forwardings accordingly. It works, when I'll access it from outside of my LAN.

> However, when I try to access it from inside of the LAN using the domain name, it doesn't work. The problem is that when trying to resolve 
> the domain name, dnsmasq apparently knows that and point to the same piece of hardware, meddles with the
> query and returns the IP address instead of This is troublesome, since I want it to resolve to
> as points just to the router's web configuration interface. The port forwarding works only when accessed 
> using the IP address (I can verify that the address itself works as expected even from inside 
> of the LAN – it's just the domain name resolution that works differently than I'd like it to work.)

> How could I configure dnsmasq not to meddle with the resolution of FQDNs? (I don't want to disable it completely, because the LAN hostname
> resolution to private IPs is such a nice feature.) I already googled and read the man page, but didn't find any relevant setting.

My answer is going to make some assumptions because the information you have provided is not complete. My assumptions are:

1) The outside (wan) IP address of the dd-wrt router is 
2) The router running dd-wrt firmware has an internal (lan) IP address of
3) The web server has an internal (lan) IP address of 192.168.1.x (where X does not equal 1).

>From the outside, your domain name resolves to and packets sent to port 80 at that address are port forwarded to 192.168.1.x.

>From the inside, your domain name resolves to which is completely wrong, it should resolve to 192.168.1.x.

I'm going to guess that you have told the dd-wrt router that your internal domain name is the same as your external domain name. This would cause the problem you are seeing. Change your internal domain name to something different like your external domain name with the .eu or .com or whatever replaced by .localnet or your add "internal." to the beginning of your internal domain name. You can find supporting documentation for both cases on the web.

Once you have a separate internal name for your server, then you can add a host entry on the dd-wrt router for your external name that points to 192.168.1.x and access to your web server will be optimal from both inside and outside. If you don't add the host entry, dd-wrt will recognize that your external name is external, and return


More information about the Dnsmasq-discuss mailing list