mar
/
sysadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
How to set up/manage services on a computer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29 Commits
1 Branch
0 Tags
179 KiB
 
Tree: d03c8e499d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd03c8e499d'
${ noResults }
sysadmin/linux/router/dnsmasq.md

3.4 KiB
Raw Blame History

set up dnsmasq

dnsmasq provides DHCP and DNS services for the network

install & config dnsmasq

install with:

apt install dnsmasq

stop service so it doesn't do anything until it's configured:

service dnsmasq stop

config

config file is in /etc/dnsmasq.conf. The following settings need to be set:

# The following two options make you a better netizen, since they
# tell dnsmasq to filter out queries which the public DNS cannot
# answer, and which load the servers (especially the root servers)
# unnecessarily. If you have a dial-on-demand link they also stop
# these requests from bringing up the link unnecessarily.

# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv

# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/mar.alemor.org/

# If you want dnsmasq to listen for DHCP and DNS requests only on
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.
# Repeat the line for more than one interface.
interface=lan0

# On systems which support it, dnsmasq binds the wildcard address,
# even when it is listening on only some interfaces. It then discards
# requests that it shouldn't reply to. This has the advantage of
# working even when interfaces come and go and change address. If you
# want dnsmasq to really bind only the interfaces it is listening on,
# uncomment this option. About the only time you may need this is when
# running another nameserver on the same machine.
bind-interfaces 

# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
expand-hosts

# Set a  domain for a particular subnet
domain=mar.alemor.org,192.168.82.0/24

# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP
# service.
dhcp-range=192.168.82.50,192.168.82.150,12h

# Set the limit on DHCP leases, the default is 150
dhcp-lease-max=100

# Set the DHCP server to authoritative mode. In this mode it will barge in
# and take over the lease for any client which broadcasts on the network,
# whether it has a record of the lease or not. This avoids long timeouts
# when a machine wakes up on a new network. DO NOT enable this if there's
# the slightest chance that you might end up accidentally configuring a DHCP
# server for your campus/company accidentally. The ISC server uses
# the same option, and this URL provides more information:
# http://www.isc.org/files/auth.html
dhcp-authoritative

# If you want to disable negative caching, uncomment this.
no-negcache

after you've set the config you want, reload with service dnsmasq restart.

Put your static hosts in /etc/dnsmasq.d/hosts.

make interface static

set 192.168.82.1 as the hostname for medusa.mar.alemor.org

the LAN interface won't be getting DHCP since it is the DHCP, so it has to be defined as static. In /etc/network/interfaces, add the block:

# LAN interface needs to be manually defined
# 21-bit netmask is 255.255.248.0 in dot notation
auto lan0
iface lan0 inet static
  address 192.168.82.1/21

then take the interface down and bring it back up with:

ifdown lan0
ifup lan0