[Dnsmasq-discuss] Best way to handle dual-wans with dnsmasq

Petr Mensik pemensik at redhat.com
Mon Aug 26 11:06:33 BST 2019


Hi John,

unless you want too much work, I would suggest using separate domain for
management names. If you are not afraid management network would be
accessible to all users, just use --server=/mgmt.example.net/1.2.3.4 and
--server=5.6.7.8 for normal names (or just read /etc/resolv.conf for
them). If names are not in separate domain, I doubt there is good
solution. using --server/host-mgmt-1.XY/1.2.3.4 may work, but I think
you should ask administrators to create easier system in such case :)

I think I have understood it right, your dnsmasq is just dns proxy for
both networks and does not serve any DHCP or DNS to those networks, right?

On 8/26/19 4:58 AM, John Knight wrote:
> Hi,
> 
> I have a system that has two WAN interfaces... one WAN is used for management, and the other WAN is used for normal internet access.  Each WAN has its own DNS and DHCP Servers upstream.  The DNS Server on the Management WAN will serve out IP addresses for the management sites, while the other WAN will use public DNS Servers to resolve IP addresses for DNS queries.
> 
> I am interested in knowing best practice in how to configure dnsmasq for these dual-wan situations?   Do I need to run two dnsmasq processes or can a single dnsmasq process handle multiple WANs?  The management processes running on the system will use eth0.10 (VLAN 10) to access the management WAN, while normal user traffic will use eth0 (untagged) interface to get to the internet.
> 
> Does anyone have a sample configuration on how to configure this?
> 
> Thanks in advance,
> 
> John
> 
> __________________________________________________________________ Confidential This e-mail and any files transmitted with it are the property of Belkin International, Inc. and/or its affiliates, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipients or otherwise have reason to believe that you have received this e-mail in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. Pour la version française: http://www.belkin.com/email-notice/French.html Für die deutsche Übersetzung: http://www.belkin.com/email-notice/German.html __________________________________________________________________
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 

-- 
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com  PGP: 65C6C973



More information about the Dnsmasq-discuss mailing list