[Dnsmasq-discuss] Problem: How do I disable RDNS being included in an RA without disabling the DNS component itself.

Kristof Mattei kristofmattei at outlook.com
Sun Dec 6 17:08:29 GMT 2020


Hi all!

Consider the following dual stack network:

IPv4:

  *   192.168.1.1/24
  *   DHCP on 192.168.1.1 with DNSMASQ
  *   DNS on 192.168.1.10 (pi-hole, docker)
  *   DNSMASQ has dhcp-option=6,192.168.1.10, so clients query the DNS directly. This allows pi-hole query DNSMASQ for the names of those clients.

IPv6:

  *   Changing prefix when the router/cable modem reboots, so I cannot hardcode the prefix.
     *   Even tried locking down the DUID. Doesn't work.
  *   DNSMASQ has dhcp-range=::,constructor:br0,ra-only,12h. (ra-only to my understanding here is the same as SLAAC)
  *   I did NOT set the dhcp-option=option6:23,[::]

Now the problem is that DNSMASQ still send the link-local address of br0 being the RDNS server as part of the RA.

The only way I found to disable this was to set the nameserver port to 0, essentially disabling the DNS component of DNSMASQ.
This however breaks the lookups that pi-hole does against DNSMASQ.

Is there another switch that I'm not seeing?

Other solutions I have considered:

  *   Set the dhcp-option=option6:23 to the link-local address of pi-hole. Working on that, but Docker and IPv6 aren't the best friends when it comes to changing prefixes.
  *   ULA on the network, DD-WRT doesn't support that.
  *   Make pi-hole the DHCP server for IPv4, so it has the client names, deferring to DNSMASQ only for IPv6. Actual viable solution.
--
Kristof
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20201206/341f1eb9/attachment.html>


More information about the Dnsmasq-discuss mailing list