[Dnsmasq-discuss] Change upstream server by client?
Jonathan Stafford
thecabinet at gmail.com
Sun Jan 1 12:51:26 UTC 2023
On Sat, Dec 31, 2022 at 11:28 AM Geert Stappers <stappers at stappers.nl>
wrote:
> On Thu, Dec 29, 2022 at 05:34:24PM -0500, Jonathan Stafford wrote:
> > On Thu, Dec 22, 2022 at 3:46 PM Michael Smith <michael at kmaclub.com>
> wrote:
> >
> > > I run 2 instances of pihole (DNSmasq) on docker. Each run on their
> own
> > > IP address (macvlan) separate from the docker host. Their IP
> addresses
> > > are .2 and .3.
> > >
> > >
> > > The .2 host is primary and forwards upstream to 1.1.1.1. This
> container
> > > also holds all the hosts file info and handles DHCP+dynamic host DNS
> > > resolution.
> > >
> > > The .3 host is secondary and handles only DNS requests for the kids.
> > > This forwards upstream to 1.1.1.3. If a DNS request comes in for
> local
> > > domain info, it simply forwards those requests to .2 like this:
> > >
> > > server=/mydomain.com/192.168.101.2
> > > server=/101.168.192.in-addr.arpa/192.168.101.2
> > >
> > >
> > > Combine with the tagging and now you can point any client to either
> > > upstream DNS:
> > >
> > > # Define DNS servers
> > > dhcp-option=option:dns-server,192.168.101.2
> > > dhcp-option=tag:kidsdevices,option:dns-server,192.168.101.3
> > >
> > > dhcp-host=0c:51:01:95:d3:36,set:kidsdevices # Ipad
> > > dhcp-host=58:41:4E:CD:D2:0A,set:kidsdevices # Iphone
> > >
> >
> > Thanks everybody for the discussion. I ended up doing something like
> what
> > Michael and Geert described and adding a second IP to my server and
> running
> > two instances of dnsmasq.
> >
> > The primary instance handles DHCP, uses 1.1.1.2 as its upstream, and
> tags a
> > handful of devices to use it for DNS:
> >
> > no-resolv
> > server=1.1.1.2
> > interface=lo
> > interface=eth0 # 10.1.1.32
> > bind-interfaces
> > dhcp-host=1c:0d:7d:13:9e:3e,set:cf1112
> > dhcp-option=option:dns-server,10.1.1.33
> > dhcp-option=tag:cf1112,option:dns-server,10.1.1.32
> >
> > The secondary instance is just doing DNS and using 1.1.1.3 as its
> upstream:
> >
> > no-resolv
> > server=1.1.1.3
> > interface=eth0:1 # 10.1.1.33
> > except-interface=lo
> > no-dhcp-interface=eth0:1
> > bind-interfaces
> >
>
> How are those solutions ( "docker" and "IP alias") started when the host
> reboots. Is the %i
> of
> https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q4/016771.html
> being used?
>
I am running dnsmasq on a Raspberry Pi that is mostly used to run rtl_433.
No Docker installed and didn't feel like adding it as it seems to make
things much more sluggish. I created the new interface with
/etc/interfaces.d/eth0-dnsmasq:
auto eth0:1
allow-hotplug eth0:1
iface eth0:1 inet static
address 10.1.1.33
netmask 255.0.0.0
gateway 10.1.1.1
`systemctl restart network` made it appear and it is automatically
created/configured on reboot.
The second instance is using %i under the hood, yes, although I didn't
realize what that was at the time. Looking at the init script I saw the
INSTANCE variable and kind of stumbled my way backwards into using it. I
don't recall the exact order I did things but I think the correct thing to
do was `systemctl enable dnsmasq at family` which created
/lib/systemd/system/dnsmasq at .service which is using %i:
[Unit]
Description=dnsmasq (%i) - A lightweight DHCP and caching DNS server
Requires=network.target
Wants=nss-lookup.target
Before=nss-lookup.target
After=network.target
[Service]
Type=forking
PIDFile=/run/dnsmasq/dnsmasq.%i.pid
# Test the config file and refuse starting if it is not valid.
ExecStartPre=/etc/init.d/dnsmasq checkconfig "%i"
...
Then I created /etc/dnsmasq.family.conf and was able to `systemctl start
dnsmasq at family`. So I have "dnsmasq" and "dnsmasq at family" instances
running.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20230101/f7ba94f8/attachment.htm>
More information about the Dnsmasq-discuss
mailing list