[Dnsmasq-discuss] DNS forwarding steered based on source interface?

Christopher Hill ch6574 at gmail.com
Fri Apr 19 02:07:04 UTC 2024


Hi,

I have a question regarding if upstream DNS forwarding can be based on 
the source interface? Reading the manual I don't believe it is possible..?

The scenario I have is two VLANs that can talk to each other and both 
use dnsmasq for local name resolution - this works fine. Each VLAN is 
configured at the gateway to default route traffic to different VPNs, 
e.g. VLAN1 out to VPN1, and VLAN2 to VPN2 respectively, and I would like 
dnsmasq to forward requests originating on VLAN1 to the DNS on VPN1, and 
the same for VLAN2 forwarding to VPN2.

To illustrate:

              tun1     VPN1   VPN2     tun2
              10.0.1.1  |       | 10.0.2.1
                        +---+---+
                            |
                           WAN
                            |
                    +-------+--------+
                    |      eth0      |
           VLAN 1 <-+-eth1      eth2-+-> VLAN 2
   192.168.1.0/24   |    (gateway)   |   192.168.2.0/24
                    +----------------+


I would like to do something like the following in the dnsmasq 
configuration on the gateway:

   server=eth1,10.0.1.1@tun1
   server=eth2,10.0.2.1@tun2

i.e. queries arriving on eth1 get sent to 10.0.1.1 via tun1, and queries 
arriving on eth2 get sent to 10.0.2.1 via tun2.

Thanks,
Chris

N.B. I have considered running two instances (one bound to eth1 and 
another to eth2) but that duplicates setup and makes local queries 
across VLANs more complicated.
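
The two-instance alternative mentioned in the N.B., written out as an added example that is not part of the original post. Interface names and addresses are those in the diagram; the file names, pid-file paths and the shared hosts file are assumptions.

```conf
# --- /etc/dnsmasq-vlan1.conf (hypothetical file name) ---
# Serve VLAN 1 only. bind-interfaces makes this instance bind the eth1
# address itself instead of the wildcard address, so a second instance
# can own port 53 on eth2.
interface=eth1
bind-interfaces
# interface= implicitly adds loopback; exclude it so the two instances
# do not both try to bind 127.0.0.1:53.
except-interface=lo
# Ignore /etc/resolv.conf: the VPN1 resolver is the only upstream, so
# VLAN 1 queries cannot be forwarded anywhere else.
no-resolv
# Forward to 10.0.1.1, sending the queries out through tun1.
server=10.0.1.1@tun1
# Static local names shared by both instances (hypothetical path).
no-hosts
addn-hosts=/etc/dnsmasq-shared.hosts
pid-file=/run/dnsmasq-vlan1.pid

# --- /etc/dnsmasq-vlan2.conf (hypothetical file name) ---
# Same layout for VLAN 2, forwarding only to the VPN2 resolver via tun2.
interface=eth2
bind-interfaces
except-interface=lo
no-resolv
server=10.0.2.1@tun2
no-hosts
addn-hosts=/etc/dnsmasq-shared.hosts
pid-file=/run/dnsmasq-vlan2.pid
```

Each instance is started with its own file, e.g. `dnsmasq --conf-file=/etc/dnsmasq-vlan1.conf`. Names learned from DHCP leases stay local to the instance that issued them, which is the cross-VLAN complication the N.B. refers to; only the static names in the shared hosts file resolve from both sides.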


