Bind behind dnsmasq on same device

As Germany starts to censor the web (currently one ISP (Vodafone) is forced by the government to filter at least 2 domains (kinox and Library Genesis)), I want to prepare for the future by using my own DNS server querying root servers only. For this I installed Bind and configured it to listen on IP port 5353:

root@router:~# nslookup -p5353 localhost
Server:         localhost

Address 1:
Address 2: 2a00:1450:4016:80b::2003

Now I want to tell dnsmasq to use this new DNS server but how to define the custom port? The UI treats ":" or "#" as invalid characters and manually setting it in the config file doesn't work.

Before someone asks "why don't you use Bind only": I want to get dynamic DNS entries from the DHCP requests but according to using bind only "will disable automatic creation of your internal hostnames".

  • If you don't get the custom port to work, you can always create a VLAN or dummy interface with a valid IP to attach BIND to.
  • Also, since Dnsmasq is designed to use real DNS servers, I'm not sure you can re-specify the port.

Thanks, after digging a bit deeper this seems to be the only option. For all who want to know why: UCI creates a temporary resolv.conf file for dnsmasq to use, but for historical reasons a resolv.conf file is not allowed to specify ports. This is a common Linux problem and will most likely not change in the foreseeable future because of compatibility with old tools.

P.S. For all who want to do the same: Don't forget to blacklist dnsmasq on the dummy0 interface.

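The layout the thread settles on, as an added configuration sketch that is not part of any post above: BIND listens on port 53 of an address on dummy0, and dnsmasq forwards to that address while staying off dummy0. The address 192.168.53.1 is constructed, dummy0 is assumed to already exist with that address, and the dnsmasq lines are raw dnsmasq options rather than the UCI form.

```conf
# --- dnsmasq side (raw dnsmasq options) ---
# Do not read upstream servers from a resolv.conf file; use only "server=" below.
no-resolv
# BIND sits on its own address at the default port 53, so no port suffix is needed.
# 192.168.53.1 is a constructed address assumed to be configured on dummy0.
server=192.168.53.1
# Bind to individual interface addresses instead of the wildcard address and
# skip dummy0, so port 53 on 192.168.53.1 stays free for BIND.
bind-dynamic
except-interface=dummy0

# --- BIND side (fragment of the named.conf options block) ---
options {
    # Listen only on the dummy0 address, not on LAN or WAN addresses.
    listen-on port 53 { 192.168.53.1; };
    listen-on-v6 { none; };

    # No "forwarders" statement: BIND recurses from the root servers itself.
    recursion yes;

    # Answer only queries that originate on this device (dnsmasq), so the
    # resolver is not usable as an open recursor if the address becomes reachable.
    allow-query     { localhost; };
    allow-recursion { localhost; };

    # Validate DNSSEC signatures using the built-in root trust anchor.
    dnssec-validation auto;
};
```

LAN clients keep using dnsmasq for DHCP-derived hostnames, and only dnsmasq talks to BIND.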