[Dnsmasq-discuss] How do others provide backup for their DNS? Ideas wanted

Chris Green cl at isbd.net
Thu Sep 2 18:52:16 UTC 2021


On Thu, Sep 02, 2021 at 10:32:01AM -0700, Michael wrote:
[snip earlier stuff]

> Hi Chris,
> 
> I am sure there are some good guides out there for learning docker.  I just
> learned by just picking a project that I wanted to try and set out to get it
> running.  You could always run your primary on a pi and your backup on
> another platform without any issues using my example below.
> 
Yes, thank you, I've already got it installed and I'm playing with it. 

> Personally, I like to use docker-compose, because it allows you to spin up
> the same arguments each time without remembering them.
> 
> As I mentioned, I am not using just dnsmasq, but rather pihole built on top
> of DNSmasq, but my docker-compose file looks like this below.   You should
> be able to adapt the arguments for just dnsmasq pretty easily.
> 
> 
>   pihole-main:
>     container_name: pihole-main
>     restart: unless-stopped
>     image: pihole/pihole
>     hostname: pihole-main
>     domainname: $DOMAINNAME
>     mac_address: 02:42:c0:a8:65:02
>     environment:
>       - TZ=${TZ}
>       - "WEBPASSWORD=fakepassword"
>       - "TEMPERATUREUNIT=f"
>       - DNSMASQ_USER=${DNSMASQ_USER}
>       - PUID=${PUID}
>       - PGID=${PGID}
> 
>       # Internal IP of the cloudflared container
>       - "DNS1=8.8.8.8"
> 
>       # Explicitly disable a second DNS server, otherwise Pi-hole uses
> Google
>       - "DNS2=no"
> 
>       # Listen on all interfaces and permit all origins
>       # This allows Pihole to work in this setup and when answering across
> VLANS,
>       # but do not expose pi-hole to the internet!
>       - "DNSMASQ_LISTENING=all"
> 
>     dns:
> #      - 127.0.0.1
>       - 8.8.8.8
> 
>     # Persist data and custom configuration to the host's storage
>     volumes:
>       - ${VOLUME}/pihole-main/config:/etc/pihole/
>       - ${VOLUME}/pihole-main/dnsmasq:/etc/dnsmasq.d/
>       - ${VOLUME}/pihole-main/misc:/var/lib/misc/
>       - ${VOLUME}/pihole-main/home:/home/
> 
>     cap_add:
>       - NET_ADMIN
>       - CAP_SYS_NICE
> 
>     # 1. Join the public network so it's reachable by systems on our LAN
>     networks:
>       lan:
>         ipv4_address: 192.168.101.2
> 
> 
> With this configuration, the IP of the container is always 192.168.101.2.  
> The server it is running on though has a different IP - something in the
> 192.168.101 range.    This way, if I bring this container up on the backup
> machine, it can come up on the same IP and mac address and the clients never
> know it moved.
> 
> 
> Bring it up is just as simple as docker-compose up -d on the backup machine.
> 
> Then with this config, I just rsync the ${VOLUME}/pihole-main directory to
> the backup machine and it is ready if needed.
> 
Thank you, that's brilliant.

The bit I don't quite understand yet is:-

     # 1. Join the public network so it's reachable by systems on our LAN
     networks:
       lan:
         ipv4_address: 192.168.101.2

I couldn't see how to do this with docker but you've shown me how.

I think we'd better shut-up now as this is drifting away from dnsmasq.

-- 
Chris Green



More information about the Dnsmasq-discuss mailing list