[Dnsmasq-discuss] dnsmaq on OpenWRT, configuration question

john doe johndoe65534 at mail.com
Sat Jul 27 17:08:38 BST 2019


On 7/27/2019 5:34 PM, Art Greenberg wrote:
> I had been running dnsmasq on a machine on my network and using addn-hosts for ad blocking. My router was configured with my ISP's DNS servers.
>
> I used "net:red" to assign the router as DNS server for certain devices (Roku streamers, notably) to avoid the ad blocking, because some of the apps on the router would not work properly with the ad blocking in place. This told those devices to go directly to the router for DNS services.
>
> router/gateway 192.168.2.1
> dnsmasq machine 192.168.2.11
>
> ## dnsmasq.conf fragment
>
> domain-needed
> bogus-priv
> no-resolv
> local=/artg.tv/
> interface=eth0
> domain=artg.tv
> server=8.8.8.8,8.8.4.4
>
> dhcp-option=option:dns-server,192.168.2.11                                         ## use dnsmasq machine for DNS
> dhcp-option=net:red,option:dns-server,192.168.2.1
>
> dhcp-host=00:01:03:27:84:95,192.168.2.15,martha                                ## typical of computer assignments
> dhcp-host=d8:31:34:36:d0:18,192.168.2.135,ROKU-1-WIFI,net:red    ## typical of ad blocking avoidance
>
> ## end dnsmasq.conf fragment
>
> This all worked fine.
>
> Then I obtained a newer router and installed OpenWRT on it. This, too, worked fine until I moved dnsmasq onto the router. The configuration now looks like this:
>
> router/gateway 192.168.2.1
> dnsmasq machine 192.168.2.1
>
> ## dnsmasq.conf fragment
>
> domain-needed
> bogus-priv
> no-resolv
> local=/artg.tv/
> interface=br-lan
> domain=artg.tv
> server=8.8.8.8,8.8.4.4
>
> dhcp-option=option:dns-server,192.168.2.1                                            ## use dnsmasq on the router for DNS
> dhcp-option=net:red,option:dns-server,8.8.8.8,8.8.4.4                        ## Google public DNS servers
>
> dhcp-host=00:01:03:27:84:95,192.168.2.15,martha                                ## typical of computer assignments
> dhcp-host=d8:31:34:36:d0:18,192.168.2.135,ROKU-1-WIFI,net:red    ## typical of ad blocking avoidance
>
> Now the Roku streamers and some of the apps on them aren't so happy. Despite the "net:red" tag, dnsmasq is intercepting all DNS requests and it is returning 0.0.0.0 when the host being looked up is in one of the addn-hosts files.
>
> I have DHCP and DNS logging turned on in dnsmasq and can see the Roku streamers ask for option 6 (dns-server) and they get the expected response (the Google DNS servers). Yet when they make a DNS request, its being processed by dnsmasq and the add-hosts files are being consulted, the result being that hosts listed in one of the files have their IP address returned as 0.0.0.0.
>
> I suppose this is expected, as dnsmasq is acting as a DNS relay only if it cannot resolve the request, and since the ad hosts are listed in an addn-hosts file, dnsmasq -can- resolve the request despite it not being within the local, private IP address block.
>
> I'm thinking I need a second dnsmasq instance configured to handle those devices that cannot have ad blocking, and the appropriate division of configurations, including complimentary use of the "ignore" option to dhcp-host on the two configurations.
>
> Is there a simpler way to deal with this? And no, I'd rather not move back to using a machine on the network for dnsmasq if I can avoid it.
>

Not strictly an answer, but don't forget that Dnsmasq is normaly
configured using OpenWRT.
So, if you were able to get everything working previously, there is no
reason why you can't do it here.


In other words, OpenWrt might be the culprit and not Dnsmasq.

--
John Doe



More information about the Dnsmasq-discuss mailing list