Hi, I use dnsmasq for resolving my local network address.
Here's my /etc/hosts file (real IP and domain name changed to fake):

## cat /etc/hosts
127.0.0.1 genesis
127.0.0.1 localhost
1.1.1.1 dns00.mysecretdomain.ac.id dns00
1.1.1.1 dns.mysecretdomain.ac.id dns
1.1.1.1 mail.mysecretdomain.ac.id proxy
. . .
#20 more server hosts
. . .
#and 15000 more advertisement-blocking hosts that redirected to 1.1.1.1

# cat /etc/dnsmasq.conf | egrep -a -v '^[[:space:]]*#' $1 | egrep -a '[[:print:]]'
cache-size=1024
bogus-nxdomain=1.1.1.1
conf-file=/etc/kyz/hosts/block
conf-file=/etc/kyz/hosts/mail

## cat /etc/resolv.conf | egrep -a -v '^[[:space:]]*#' $1 | egrep -a '[[:print:]]'
search mysecretdomain.ac.id
nameserver 208.67.222.222 # opendns
nameserver 208.67.220.220 # opendns
nameserver 1.1.1.4 # dns4
nameserver 1.1.1.3 # dns3
nameserver 1.1.1.2 # dns2

All my clients' DNS requests are redirected to 1.1.1.1:

## cat /etc/network/if-up.d/custom
#some iptables clearing rules
. . .
real1 = 1.1.1.1
reals = 1.1.1.1/28
wifis = 10.0.0.0/8
staff = 192.168.0.0/16
iptables -A PREROUTING -t nat -p TCP -s $wifis -d ! $reals --dport 53 -j DNAT --to $real1:53
iptables -A PREROUTING -t nat -p UDP -s $wifis -d ! $reals --dport 53 -j DNAT --to $real1:53
iptables -A PREROUTING -t nat -p TCP -s $staff -d ! $reals --dport 53 -j DNAT --to $real1:53
iptables -A PREROUTING -t nat -p UDP -s $staff -d ! $reals --dport 53 -j DNAT --to $real1:53
. . .
#some default rules

The interfaces of the gateway server are: eth0 = 192.168.1.1, eth1 = 1.1.1.1.
All clients' DNS configuration is set to 192.168.1.1.

If I open, for example, dns00.mysecretdomain.ac.id, it always lags for 3-25 seconds (showing "Resolving host..." on Chromium or "Looking up dns00.mysecretdomain.ac.id...") before it shows the web page, and this does not happen for non-local websites.

I wonder where the source of the lag problem is?

Regards,
Kiswono
GB