[Dnsmasq-discuss] Confused about simple subdomain authoritative server (re: home network)
Petr Menšík
pemensik at redhat.com
Thu Nov 23 11:35:09 UTC 2023
It depends what interface you use for auth-server in second parameter.
You have not shared if you have internal and external interfaces, so I
would guess enp2s0f0 is internal interface. If you want authoritative
answers served to internal clients, use just
|auth-server=server.home.mydomain.com <http://server.home.mydomain.com>
|
||auth-server with interface specified is intended to be used on router
WAN interface facing to potentially hostile network. Therefore it does
not do recursive service, but just authoritative on it. That is by
design, but may not be what you wanted.
For trusted internal network, specify just allowed interface(s).
interface=lo
interface=enp20f0
|auth-server=server.home.mydomain.com
<http://server.home.mydomain.com>||auth-zone=home.mydomain.com
<http://home.mydomain.com>,192.168.1.0/24
||host-record=server.home.mydomain.com,192.168.1.50|
||
Cheers,
Petr|
|
On 06. 11. 23 14:22, John Klimek wrote:
> Here is the dnsmasq.conf I'm using. It seems to return authoritative
> responses for home.mydomain.com <http://home.mydomain.com> but if I
> query anything else it returns REFUSED:
>
> |log-queries no-resolv server=8.8.4.4 server=8.8.8.8
> auth-server=server.home.mydomain.com
> <http://server.home.mydomain.com>,enp2s0f0 auth-zone=home.mydomain.com
> <http://home.mydomain.com>,192.168.1.0/24
> host-record=server.home.mydomain.com,192.168.1.50
> <http://192.168.1.0/24 host-record=server.home.mydomain.com,192.168.1.50>|
>
--
Petr Menšík
Software Engineer, RHEL
Red Hat,http://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20231123/8e146e9e/attachment.htm>
More information about the Dnsmasq-discuss
mailing list