User Tools

Site Tools


doc:howto:dhcp.dnsmasq

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:howto:dhcp.dnsmasq [2013/07/11 11:34]
lorema
doc:howto:dhcp.dnsmasq [2014/10/23 17:15] (current)
b548204b
Line 108: Line 108:
  
 Replace 212.68.193.110 and 212.68.193.196 with the IP addresses you have gotten with the cat /​tmp/​resolv.conf.auto command. Replace 212.68.193.110 and 212.68.193.196 with the IP addresses you have gotten with the cat /​tmp/​resolv.conf.auto command.
 +
 +==== Configuring dnsmasq to forward dns requests to public dns servers ====
 +If you want to use public dns servers((such as [[https://​developers.google.com/​speed/​public-dns/​docs/​using|Google Public DNS]] and [[https://​www.opendns.com|OpenDNS]])) to resolve public dns queries, you can configure dnsmasq for it. You can even specify more than three nameservers((currently,​ linux /​etc/​resolv.conf file is limited to three nameservers,​ [[http://​manpages.ubuntu.com/​manpages/​trusty/​man5/​resolver.5.html|see resolv.conf(5) manpage]])).
 +
 +Just add the following lines to /​etc/​dnsmasq.conf to use Google Public DNS.
 +<​code>​
 +server=8.8.8.8
 +server=8.8.4.4
 +</​code>​
 +
 +In case you prefer to use [[doc:​techref:​uci|OpenWrt UCI]], you may issue the following commands.
 +<code shell>
 +uci add_list dhcp.@dnsmasq[-1].server=8.8.8.8
 +uci add_list dhcp.@dnsmasq[-1].server=8.8.4.4
 +uci commit dhcp
 +</​code>​
 +
 +You may also edit /​etc/​config/​dhcp directly.
 +<​code>​
 +config dnsmasq
 +        option domainneeded '​1'​
 +        option boguspriv '​1'​
 +        option localise_queries '​1'​
 +        option local '/​lan/'​
 +        option domain '​lan'​
 +        option expandhosts '​1'​
 +        option authoritative '​1'​
 +        option readethers '​1'​
 +        option leasefile '/​tmp/​dhcp.leases'​
 +        option resolvfile '/​tmp/​resolv.conf.auto'​
 +        option rebind_protection '​0'​
 +        option server '​8.8.8.8'​
 +        option server '​8.8.4.4'​
 +</​code>​
 +
 +In case you want to use OpenDNS (there are 4 public dns servers)
 +<​code>​
 +uci add_list dhcp.@dnsmasq[-1].server=202.67.222.222
 +uci add_list dhcp.@dnsmasq[-1].server=202.67.220.220
 +uci add_list dhcp.@dnsmasq[-1].server=202.67.222.220
 +uci add_list dhcp.@dnsmasq[-1].server=202.67.220.222
 +uci commit dhcp
 +</​code>​
 +
 +Of course, you can use another dns servers. Just send a SIGHUP to dnsmasq process or restart dnsmasq service to apply the newly added forwarding DNS servers.
  
 ==== Configuring dnsmasq to use different IP ranges for wired and wireless ==== ==== Configuring dnsmasq to use different IP ranges for wired and wireless ====
Line 251: Line 296:
 dhcp-option=252,"​\n"​ dhcp-option=252,"​\n"​
 </​code>​ </​code>​
-And restart ​Dnsmasq ​with /​etc/​init.d/​dnsmasq restart+and restart ​dnsmasq ​with /​etc/​init.d/​dnsmasq restart 
 + 
 +==== Assigning dnsmasq Queryport ​ ==== 
 + 
 +The queryport is not the dns server port used by dhcp clients, it is the outgoing port dnsmasq uses to query other servers, and is integral to dnsmasq succesfully assigning DNS values to the DHCP clients. ​ The default settings create arbitrary high port number connections on a range of ports. ​ By assigning an option line like " option queryport '​30000'​ " in /​etc/​config/​dhcp,​ one can constrain those connections to a port you assign. ​ Be certain that your firewall allows outbound connections from the router on the query port that you assign.  
 + 
 +As a caution, dnsmasq runs as user "​nobody"​ on openwrt so it is not allowed to create listening sockets on ports < 1024.  Using the standard DNS port 53 for these queries will fail.  The failure can be found in the logs.  Logread will show an "​ignoring nameserver"​ error line like: 
 +<​code>​ 
 +Jan 01 01:01:01 MyRoutersName daemon.warn dnsmasq[3490]:​ ignoring nameserver 8.8.8.8 - cannot make/bind socket: Permission denied 
 +</​code>​ 
 +Do not assign query ports less than 1024 to the queryport.
  
 ===== Notes ===== ===== Notes =====
doc/howto/dhcp.dnsmasq.1373535244.txt.bz2 · Last modified: 2013/07/11 11:34 by lorema