[Dnsmasq-discuss] Having dnsmasq use non-default routing table
Luigi Baldoni
aloisio at gmx.com
Sat Sep 23 04:54:51 UTC 2023
Hi Matthias,
unfortunately that won't do because I also have bind running on the same machine
(please don't ask, long story).
So, I was thinking, why couldn't I simply use e.g. server=8.8.8.8@ppp1 as a
dnsmasq option?
With that parameter set, I see the outgoing queries on ppp1 and the replies
from the upstream server, but dnsmasq still times out.
Am I misunderstanding the meaning of the @interface option?
Regards
> Sent: Saturday, September 23, 2023 at 12:31 AM
> From: "Matthias May via Dnsmasq-discuss" <dnsmasq-discuss at lists.thekelleys.org.uk>
>
> Hi Luigi
>
> Strictly speaking this has nothing to do with dnsmasq, and is a question
> of how to do policy-routing.
> I assume you're using linux since you mention iptables.
>
> A good starting point for policy routing with linux is
> https://tldp.org/HOWTO/Adv-Routing-HOWTO/
> respectively https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.simple.html
>
> What I would do is to create a routing rule that redirects your frames
> to a separate routing table.
>
> By default the routing rules look like this:
> # maym@Orpheus:~$ ip rule
> # 0: from all lookup local
> # 32766: from all lookup main
> # 32767: from all lookup default
>
> You can create a new routing table (e.g table 100) that contains a
> different default gateway.
> # maym@Orpheus:~$ sudo ip route add default via 10.0.8.99 table 100
> # maym@Orpheus:~$ ip route show table 100
> # default via 10.0.8.99 dev wlan0
>
> Now create a routing rule that matches your traffic and calls the table 100:
> # maym@Orpheus:~$ sudo ip rule add pref 100 iif lo proto 17 dport 53 lookup 100
> # maym@Orpheus:~$ ip rule
> # 0: from all lookup local
> # 100: from all iif lo dport 53 lookup 100 proto 17
> # 32766: from all lookup main
> # 32767: from all lookup default
>
> Now all traffic originating:
> from the device itself (iif lo)
> with proto 17 (udp)
> to the destination port 53 (dns)
> will be directed to the routing table 100 which contains the default
> gateway to the router you want to use.
>
> BR
> Matthias
>
> On 22/09/2023 15:10, Luigi Baldoni wrote:
> > Hello,
> > after a few days of fruitless efforts, I thought of asking you all directly.
> >
> > I need dnsmasq to send its queries to the upstream server via a different
> > route than everything else. I've tried adding the @interface parameter to
> > the --server option but I don't think I quite understand how it's supposed
> > to work.
> > Then I've attempted to mark the packets originating from the dnsmasq process
> > via the iptables owner module, also with little success.
> >
> > Before I proceed any further with these experiments, I would like to know
> > whether I'm missing something, or if someone has found a different way to
> > do this.
> >
> > Thanks
> >
> >
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss at lists.thekelleys.org.uk
> > https://urldefense.com/v3/__https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss__;!!I9LPvj3b!B5ufkCPULSxnt3FjUe0ZvdgQYisVtbnoP_jvcsm9droDBts9Pe8Dsw2EuLsUBxoFy5MKDHvMZKv7X1_ueQ$
>
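A minimal model of how the rule list quoted in the reply above is walked for a packet, added here as an example that is not part of the original thread. The function names, the main-table gateway `192.0.2.1`, and the simplification that only `iif` and `dport` are treated as selectors and that each table is reduced to "has a default route or not" are assumptions of this sketch.

```python
import re

# Constructed sample: the `ip rule` listing quoted in the thread.
IP_RULE_OUTPUT = """\
0: from all lookup local
100: from all iif lo dport 53 lookup 100 proto 17
32766: from all lookup main
32767: from all lookup default
"""

# Constructed sample: tables that hold a default route. Table 100 uses the
# gateway from the thread; the main-table gateway is a placeholder.
DEFAULT_ROUTES = {"100": "10.0.8.99", "main": "192.0.2.1"}

# Selectors this sketch evaluates; other key/value pairs (such as the
# trailing "proto 17") are parsed but not used for matching here.
SELECTORS = ("iif", "dport")


def parse_rules(text):
    """Parse key/value style `ip rule` lines into (pref, selectors, table)."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+):\s+(.*)", line)
        if not m:
            continue
        tokens = m.group(2).split()
        fields = dict(zip(tokens[0::2], tokens[1::2]))
        selectors = {k: v for k, v in fields.items() if k in SELECTORS}
        rules.append((int(m.group(1)), selectors, fields["lookup"]))
    # Rules are evaluated in ascending priority (pref) order.
    return sorted(rules, key=lambda r: r[0])


def tables_consulted(rules, packet):
    """Return (tables tried in order, gateway used) for a non-local destination."""
    tried = []
    for _pref, selectors, table in rules:
        # A rule applies only if every selector it carries matches the packet.
        if any(str(packet.get(k)) != v for k, v in selectors.items()):
            continue
        tried.append(table)
        # The first matching table with a usable route ends the search.
        if table in DEFAULT_ROUTES:
            return tried, DEFAULT_ROUTES[table]
    return tried, None


if __name__ == "__main__":
    rules = parse_rules(IP_RULE_OUTPUT)
    for pkt in ({"iif": "lo", "dport": 53}, {"iif": "lo", "dport": 443}):
        print(pkt, "->", tables_consulted(rules, pkt))
```

Locally generated packets are represented with `iif` set to `lo`, which is how the rule in the thread selects traffic originating from the host itself.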