[Dnsmasq-discuss] dnsmasq for road warriors
/dev/rob0
rob0 at gmx.co.uk
Tue Nov 13 15:03:03 GMT 2012
On Tue, Nov 13, 2012 at 12:13:07PM +0100, sam at sltosis.org wrote:
> On Mon, Nov 12, 2012 at 06:11:43PM -0600, richardvoigt at gmail.com
> wrote:
> > On Sun, Nov 11, 2012 at 5:05 PM, /dev/rob0 <rob0 at gmx.co.uk>
> > wrote:
> > > > On 10/11/2012 15:54, /dev/rob0 wrote:
> > > > >Seems to me that dnsmasq is a better nscd replacement,
> > > > >and it has a place in mobile computing.
> > > > >
> > > > ># we use this dnsmasq as this system's own resolver
> > > > >no-resolv
> > >
> > > On Sat, Nov 10, 2012 at 05:46:10PM -0600,
> > > richardvoigt at gmail.com wrote:
> > > > no-resolv is doing more harm than good.
> > > >
> > > > dnsmasq is smart enough to ignore 127.0.0.1 in
> > > > /etc/resolv.conf. And it will automatically pick up
> > > > DHCP-assigned DNS servers which are written there.
> > >
> > > But you don't understand. The point of dnsmasq on a laptop
> > > is to serve ONLY that machine and its local processes.
> > > /etc/resolv.conf must contain ONLY "nameserver 127.0.0.1".
> > > If there are other nameservers listed, the system resolver
> > > will be contacting them; possibly getting different results,
> > > and ... well, this discussion would not be relevant to
> > > the dnsmasq list.
> > >
> > I don't know where you got this piece of misinformation.
> > Multiple nameserver entries in /etc/resolv.conf work fine, as
> > long as the localhost entry (pointing to dnsmasq) comes first.
>
> It will work fine, but the system resolver might end up querying
> a nameserver other than dnsmasq (localhost) which is exactly, if
> I understood correctly, what /dev/rob0 wants to avoid.

Yes. And thanks to Richard for making me look in the resolv.conf(5)
manual. The listing order is the priority, but there's always a
chance that lookups could fall through from 127.0.0.1 to other
nameservers, and I don't want that.

> That said, dnsmasq will poll your alternate resolv.conf for changes
> automatically, unless requested otherwise (--no-poll), so I see no
> need to restart it after a change.

Aha! I missed --no-poll. This looks to be pretty easy, then, using
--resolv-file. (And --no-resolv is moot.)

> This is actually what I was doing* on my laptop, a custom dhcp
> client hook will fill an alternate resolv.conf file:
> /etc/resolv.conf-dnsmasq (used by dnsmasq), and ensure
> /etc/resolv.conf only contains the localhost nameserver with
> optional supplementary parameters (search,...)

Thanks!

> This is obviously useful for dnsmasq cache and other features (eg:
> server=//), but also for some services/daemons which don't poll
> /etc/resolv.conf for changes on their own (eg: postfix)

Hehe, it seemed a bit crazy to run server software on a laptop, but
at least I'm not putting Postfix on there. (Yet? ;) )

For the archives, here's what I ended up with on the laptop:

no-dhcp-interface=lo
listen-address=127.0.0.1
no-resolv
resolv-file=/var/lib/dhcpcd/resolv.conf
user=dnsmasq
group=dnsmasq
server=/rob0.vpn/192.168.6.1
server=/6.168.192.in-addr.arpa/192.168.6.1

/etc/resolv.conf contains only "nameserver 127.0.0.1". (It could just
as well not exist, because the default resolver behavior is to query
DNS from 127.0.0.1.) And dhcpcd(8) is writing domain_name_servers to
/var/lib/dhcpcd/resolv.conf.
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
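
A check for the layout described in this thread, as an added example that is not part of the original post: it flags any non-loopback nameserver line in the system resolv.conf (the resolver could fall through to it) and confirms that the file given to dnsmasq lists an upstream server. The function names and sample files are constructed here; the default paths are the two quoted in the post.

```shell
#!/bin/sh
# Added example: verify the split-resolver layout discussed in this thread.

# Print every address on a "nameserver" line of a resolv.conf-format file.
nameservers() {
    [ -r "$1" ] || return 0   # a missing file lists no nameservers
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Succeed only if the libc resolver has nothing but loopback to query.
# A missing or empty file passes: the resolver then defaults to 127.0.0.1.
stub_only() {
    bad=$(nameservers "$1" | grep -v -e '^127\.' -e '^::1$' || true)
    [ -z "$bad" ] && return 0
    printf 'fall-through possible via %s\n' $bad >&2
    return 1
}

# Succeed if the file handed to dnsmasq names a non-loopback upstream.
upstream_present() {
    nameservers "$1" | grep -v -e '^127\.' -e '^::1$' | grep -q .
}

# Defaults are the two paths quoted in the post.
check_layout() {
    stub=${1:-/etc/resolv.conf}
    upstream=${2:-/var/lib/dhcpcd/resolv.conf}
    rc=0
    stub_only "$stub" || rc=1
    upstream_present "$upstream" || { echo "no upstream in $upstream" >&2; rc=1; }
    return "$rc"
}

# Constructed sample files (not from the thread) exercising both outcomes.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf 'search example.test\nnameserver 127.0.0.1\n' > "$demo/good"
printf 'nameserver 127.0.0.1\nnameserver 192.0.2.53\n' > "$demo/leaky"
printf '# written by the DHCP client\nnameserver 192.0.2.53\n' > "$demo/upstream"
for f in good leaky; do
    if check_layout "$demo/$f" "$demo/upstream"; then
        echo "$f: only loopback is reachable by the resolver"
    else
        echo "$f: resolver can bypass dnsmasq"
    fi
done
```

Run with no arguments inside `check_layout` to test the live paths, for example from a DHCP client hook after it rewrites the upstream file.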