Differences

This shows you the differences between two versions of the page.

doc:howto:dhcp.dnsmasq [2013/04/30 10:11]
chris000
doc:howto:dhcp.dnsmasq [2014/05/24 15:21] (current)
p0g0
Line 1: Line 1:
====== Dnsmasq ===== ====== Dnsmasq =====
-Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network.+[[wp>Dnsmasq]] is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network.
It can serve the names of local machines which are not in the global DNS. It can serve the names of local machines which are not in the global DNS.
The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file.
Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of disk-less machines. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of disk-less machines.
-It is already installed and preconfigured on OpenWrt. See -> [[doc:uci:dhcp]].+It is already installed and preconfigured on OpenWrt. See -> ''[[doc:uci:dhcp|/etc/config/dhcp]]''.
===== Configuration ===== ===== Configuration =====
-The configuration is done with help of the uci-configuration file: ''[[doc:uci:dhcp|/etc/config/dhcp]]'', but you can use this together with ''[[doc/uci/dhcp#using.plain.dnsmasq.conf|/etc/dnsmasq.conf]]''.+The configuration is done with help of the uci-configuration file: ''[[doc:uci:dhcp|/etc/config/dhcp]]'', but you can use this together with the file ''[[doc/uci/dhcp#using.plain.dnsmasq.conf|/etc/dnsmasq.conf]]''.
-Depending on the setting in the uci-file, you may also use ''/etc/ethers'' and ''/etc/hosts'' additionally.+Depending on the setting in the uci-file, you may also use the files ''/etc/ethers'' and ''/etc/hosts'' additionally.
==== /etc/config/dhcp ==== ==== /etc/config/dhcp ====
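Review bot: the intro now links to ''/etc/config/dhcp'' twice within a few lines (the new "See ->" line and the first sentence under Configuration), and the links on these lines mix two separator styles (''doc:uci:dhcp'' and ''doc/uci/dhcp#using.plain.dnsmasq.conf''). Suggest keeping one of the two links and settling on one separator style. Since the first sentence is being touched anyway, "is lightweight, easy to configure DNS forwarder" could become "is a lightweight, easy-to-configure DNS forwarder".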
Line 58: Line 58:
</code> </code>
-FIXME whats the effect of trailing dot, e.g. ''127.0.0.1 localhost.''? It seems that it prevents resolving localhost name from ''/etc/hosts'' file if run from the router itself, instead the resolving will take place in ''dnsmasq''. But ''dnsmasq'' uses ''/etc/hosts'' anyway, so not sure what the benefits are. +==== DNS and DHCP Ports ==== 
--- this is not a forum, but a dot in the end means the DNS root. technically, all dns have a dot in the end. "yahoo.com" is in reallity "yahoo.com.". what you are doing with "localhost." is saying that localhost is a top-level-domain (TLD) and that you should ask the root DNS server who is responsible for the TLD localhost, just as you do for "com."... which of course, will result in nothing for "localhost."+DNS needs TCP and UDP port 53 open on the firewall. DHCP needs UDP ports 67 and 68 open from your zone to/from the firewall. See http://wiki.openwrt.org/doc/recipes/guest-wlan and http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html (viz "--dhcp-alternate-port") for more information.
===== Examples ===== ===== Examples =====
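Review bot: the added sentence "DNS needs TCP and UDP port 53 open on the firewall" does not say from which zone, unlike the DHCP sentence next to it ("from your zone to/from the firewall"). Read literally it can lead someone to open port 53 on the WAN side, which makes the router's resolver reachable from the Internet. Suggest scoping it the same way as the DHCP sentence, for example "from your zone to the router". Separately, this hunk deletes the FIXME about the trailing dot in ''127.0.0.1 localhost.'' together with the reply explaining it, and nothing replaces them; if the explanation is worth keeping, rewrite it as normal page text instead of dropping it. The guest-wlan reference could also be an internal wiki link like the others on the page rather than a bare URL.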
Line 228: Line 228:
... ...
</code> </code>
 +
 +==== DNS filtering ====
 +  * [[https://forum.openwrt.org/viewtopic.php?id=35023|OpenWrt Forum: Blocking tracking, ad, spyware sites from router]]
===== Troubleshooting ===== ===== Troubleshooting =====
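Review bot: the new "DNS filtering" section consists of a single forum link with no text saying what the approach is or which dnsmasq setting it relies on. For a howto page, suggest adding at least one sentence summarising the method, or moving the link to a see-also list until someone writes the section.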
Line 249: Line 252:
</code> </code>
And restart Dnsmasq with /etc/init.d/dnsmasq restart And restart Dnsmasq with /etc/init.d/dnsmasq restart
 +
 +==== Assigning dnsmasq Queryport  ====
 +
 +The queryport is not the dns server port used by dhcp clients, it is the outgoing port dnsmasq uses to query other servers, and is integral to dnsmasq succesfully assigning DNS values to the DHCP clients.  The default settings create arbitrary high port number connections on a range of ports.  By assigning an option line like " option queryport '30000' " in /etc/config/dhcp, one can constrain those connections to a port you assign.  Be certain that your firewall allows outbound connections from the router on the query port that you assign.
 +
 +As a caution, dnsmasq runs as user "nobody" on openwrt so it is not allowed to create listening sockets on ports < 1024.  Using the standard DNS port 53 for these queries will fail.  The failure can be found in the logs.  Logread will show an "ignoring nameserver" error line like:"Jan 01 01:01:01 MyRoutersName daemon.warn dnsmasq[3490]: ignoring nameserver 8.8.8.8 - cannot make/bind socket: Permission denied".  Do not assign query ports less than 1024 to the queryport
===== Notes ===== ===== Notes =====
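Review bot: the Queryport section recommends pinning outgoing queries to one port (" option queryport '30000' ") without mentioning the cost. The random high source ports it calls "arbitrary" are a defence against forged DNS replies, and the dnsmasq man page linked earlier on this page warns that setting a fixed query port leaves dnsmasq open to DNS spoofing. Suggest stating that trade-off and recommending the option only where an outbound firewall policy really requires a fixed port. The clause "is integral to dnsmasq succesfully assigning DNS values to the DHCP clients" should also be reworded or dropped: the first half of the same sentence says the query port is not the port DHCP clients use, so the connection to DHCP is unclear. Minor: "succesfully" is misspelled, and the closing sentence "Do not assign query ports less than 1024 to the queryport" lacks a full stop and repeats itself.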

doc/howto/dhcp.dnsmasq.1367309509.txt.bz2 · Last modified: 2013/04/30 10:11 by chris000