[Dnsmasq-discuss] Conditional DNS response by source

Albert ARIBAUD albert.aribaud at free.fr
Wed Feb 8 08:33:09 GMT 2017


Hi,

Or if you want to keep a single LAN overall, you could run a second
dnsmasq instance on the same device but a different (additional) LAN
IPs, running DNS only, and configure the DHCP part of the original
dnsmasq instance to tag DHCP leases given to the children machine(s) and
to pass such tagged clients the alternate IP as the DNS instead of the
original IP.

The second dnsmasq instance would only catch the youtube domain and use
the original instance as its upstream for anything else, so that any LAN
DNS record configured on the original dnsmasq would automatically be
see by the children machine(s) too.

Amicalement,
Albert.

Le Wed, 8 Feb 2017 00:53:24 +0000
Eric Luehrsen <ericluehrsen at hotmail.com> a écrit:

> Correct <tag> is used for DHCP options and network or host binding.
> DNS is not linked as such. If you are using OpenWrt/LEDE as your
> gateway, then you have an easier to use option. LEDE 17.01(RC)
> supports building dnsmasq instances on designated networks. So
> instead of HOME and GUEST SSID on your WiFi, you could have PARENT
> and CHILD SSID for example. Then configure dnsmasq uniquely to each.
> 
> https://lede-project.org/docs/user-guide/dns_configuration (keyword 
> instance)
> 
> 
> 
> On 02/07/2017 05:10 PM, Kevin Elliott wrote:
> > Hello,
> >
> > I would like to return a different DNS response according to source.
> > The objective is to override youtube.com <http://youtube.com> for
> > all queries from my children's devices to make a simple parental
> > control.
> >
> > dnsmasq DHCP supports tag sets, but as far as I can tell the tag
> > conditional switch does not apply to any of the DNS config, e.g.
> > forward DNS queries from hosts with tag X to server Y.
> >
> > Is anything like this possible with dnsmasq?
> >
> > I thought about running a 2nd dns server on a different port and use
> > dhcp dns-server option to redirect but I couldn't see how to
> > specify a non-standard port in the DHCP dns-server option either.
> >
> > Thanks for any advice,
> > Kevin
> >
> >
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss at lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >  
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss



More information about the Dnsmasq-discuss mailing list