[Dnsmasq-discuss] dns server

Hartmut Krafft hartmut at mail.ru
Mon May 11 20:23:27 BST 2015


On Mon, 11 May 2015 13:49:59 -0300
Thiago Farina <tfransosi at gmail.com> wrote:

Hi Thiago,

> Hi Hartmut!
> 
> Thanks a lot for giving me a good overview of the changes I need to
> make in order to make it happen. I think you understood right what I'm
> trying to configure in my home network.
> 
> private, off-list, but feel free to redirect it to the mailing list if
> you feel so.
> 

Well, I'd rather keep it on the list because it will get archived, and,
maybe, someone with similar questions won't have to ask ;-). And others
can correct me should I write BS ;-)

> On Tue, Apr 28, 2015 at 3:14 PM, Hartmut Krafft <hartmut at mail.ru>
> wrote:
> > Hi,
> >
> > you should sort out your setup and assign the functions to your
> > machines so that they don't get in each other's way.
> >
> > So, you've got the router and the server, and the clients in the
> > LAN. Let the router's DNS be unknown to the other machines in the
> > LAN. Let the server be the LAN's DNS and forward queries to the
> > router. To achieve this, run your LAN DNS and DHCP daemon on the
> > server. Don't try to persuade the router to use the server's DNS,
> > this will be too convoluted.
> I've been sleeping on this.
> 
> How will the LAN clients know the Server?

The server machine hands out the information by DHCP to the clients in
the LAN, just like your router does it now.

OK: one difficulty might be hidden here: is the router also your Wifi
access point? Then, you'll have to consider some more things. I've been
assuming that the LAN clients connect to the server directly. If
the server and the Wifi access point are in the same subnet and the
DHCP info handed out has the correct gateway for that subnet, all should
be fine.

> 
> Are there articles you could point to (to save you some time), that
> I could read on how to configure this?

Well, googling for 'dnsmasq dhcp setup' gives a plethora of articles
which will hopefully add little answers to your great puzzle ;-)

> 
> Looks like there are some things I need to do:
> 
> * Stop using Network Manager on my Ubuntu server.
> * Stop using the router as the DHCP server.
> * Run dhcp and dns servers with dnsmasq on ubuntu server.
> 
> Could you help me achieve this?
> 
> >
> > That way, you get
> > LAN clients -> Server -> Router -> upstream (e.g. Internet Access
> > Provider's DNS, as set in the router) for DNS and
> > LAN clients -> Server for DHCP.
> >
> > And you could also use the server for other things like filtering,
> > firewall, ad blocking etc., by configuring it as forwarder and
> > gateway.
> >
> > To achieve this (temporary outages may occur;-)):
> > On the router, disable DHCP.
> >
> > On the server machine, configure the LAN interfaces statically and
> > disable or purge network-manager.
> >
> I have configured eth0 with a static IP. I'm still considering
> disabling network-manager, I just don't know how I will have to manage
> the internet connection without it.

Well, I don't really know a lot about network-manager, but I think it
might mess around with your resolv.conf, so it might be better to
disable it. But you can also try leaving it as it is. If you've
configured your LAN interface (I assume the server machine has got only
one?) statically, with the router as gateway, and dnsmasq is running on
the server, then you're halfway done already.
And: if you've already configured the NIC statically, and still can get
to the internet, this shows you don't need network-manager (assuming
that this is the only NIC in the server machine, that is...)

Now, tell your router to stop doing DHCP (can't help you there, don't
know how Cisco does that).

> 
> > On the server machine, enable DNS and DHCP (i.e. dnsmasq). Set the
> > upstream DNS to the IP address of the router.
> >
> OK, that should be probably server=192.168.0.1?

If that's the router's IP address: yes.
You could also add more server lines like the ever-popular
server=8.8.8.8
server=8.8.4.4

> 
> > Either configure DHCP to advertise the router as LAN gateway
> > (easier), or (more complicated) enable IP forwarding and use the
> > server as LAN gateway (which must then in turn have the router set
> > as gateway).
> >

a) If dnsmasq is set up to do DHCP (I've forgotten if it is by
default, maybe you'll have to open up a dhcp-range to achieve this),
then add

dhcp-option=3,ip-address-of-router

to /etc/dnsmasq.conf and the clients will get this address as their
gateway = default route. If you do not set this, I think dnsmasq will
give the machine it runs on as gateway. 

b) To have the server forward the packets, do *not* set this, but tell
it to forward packets ;-) How? On Debian, edit /etc/sysctl.conf and look
for the following:

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

Let's hope it's the same in Ubuntu ;-) System has to be restarted to
make this work.


Use the dhcp log setting in dnsmasq.conf, restart dnsmasq and use
$ sudo tail -f /var/log/daemon.log
(again, on Debian) to watch what happens when a new client connects.

> Ouch :(
> 
> I have no idea how to do this.
> 
> > Advertise the server as LAN DNS.
> >
> Ouch :(

I *think* (IIRC) that dnsmasq does this by default.

Best,
Hartmut
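
Added example (not part of the original message, and not taken from the dnsmasq documentation): a /etc/dnsmasq.conf that puts the steps discussed in this thread together, using variant (a) with the router as the clients' gateway. The interface eth0 and the router address 192.168.0.1 come from the thread; the address pool and lease time are assumed values, and the server's own static address is assumed to lie outside that pool.

```conf
# /etc/dnsmasq.conf on the server (added example, not from the original post)
# From the thread: eth0 is the LAN NIC, 192.168.0.1 is the router.
# Assumed: the address pool and the 12h lease time below.

# Answer DNS and DHCP on the LAN interface only.
interface=eth0
bind-interfaces

# DNS: forward to the router and ignore /etc/resolv.conf, so that
# network-manager rewriting that file cannot change the upstream.
no-resolv
server=192.168.0.1

# Do not send plain names or private-range reverse lookups upstream.
domain-needed
bogus-priv

# DHCP: defining a range is what switches the DHCP server on.
dhcp-range=192.168.0.50,192.168.0.150,12h

# Variant (a): advertise the router as default gateway (DHCP option 3).
dhcp-option=3,192.168.0.1

# DHCP option 6 (DNS server) is left unset: dnsmasq then advertises
# the address of the machine it runs on, i.e. this server.

# Only valid once the router's DHCP server has been disabled, so that
# this is the sole DHCP server on the LAN.
dhcp-authoritative

# Log each DHCP transaction, to watch what happens when a client connects.
log-dhcp
```

Running `dnsmasq --test` checks the file's syntax before the daemon is restarted.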


