I have a requirement where I need to configure different DNS servers for different LANs.
For example, I want 8.8.4.4 to be configured for LAN "lan_test", and all requests coming from "lan_test" should be resolved by 8.8.4.4.
Below is my dhcp config:
config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '0'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option nonegcache '0'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    option all_servers '0'
    option strict_order '1'
    option max_ttl '0'
    list address '/mlink.home/192.168.168.1'
    option allow_ipv6_addrs '1'
    list server '/bind/'
    option localservice '1'

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'

config dhcp 'test'
    option interface 'lan_test'
    option leasetime '10m'
    option start '10'
    option limit '40'
    option ignore '0'
    option dhcpv6 'server'
    option ra 'server'
    option ra_default '1'
    option ndp 'server'
Below is the configuration for the "lan_test" interface in the network file:
config interface 'lan_test'
    option type 'bridge'
    option dname 'test'
    option force_link '1'
    option disabled '0'
    option proto 'static'
    option ipaddr '192.168.10.1'
    option netmask '255.255.255.0'
    option dns '8.8.4.4'
    option ifname 'eth0.4085'
And in the firewall I added the redirect rule:
config redirect 'lan_dns'
    option name 'lan_dns'
    option src 'lan_test'
    option proto 'tcpudp'
    option src_dport '53'
    option dest_port '53'
    option dest_ip '192.168.10.1'
    option target 'DNAT'
Contents of /tmp/resolv.conf.auto:
# Interface lan_test
nameserver 8.8.4.4
# Interface wan_0
nameserver 172.22.2.1
The WAN IP of the router is:
172.22.2.100
So, when I run a dig command from the client connected to "lan_test", like:
dig amazon.com @8.8.8.8
the DNS server (8.8.4.4) configured for "lan_test" is being picked, but the request goes to 8.8.4.4 as well as to 172.22.2.1.
Below is the output of tcpdump on the WAN interface of the router:
18:29:15.805620 IP 172.22.2.100.16644 > 8.8.4.4.53: 2048+ [1au] A? amazon.com. (39)
18:29:15.805773 IP 172.22.2.100.16644 > 172.22.2.1.53: 2048+ [1au] A? amazon.com. (39)
18:29:15.866771 IP 8.8.4.4.53 > 172.22.2.100.16644: 2048 3/0/1 A 205.251.242.103, A 176.32.98.166, A 176.32.103.205 (87)
18:29:15.906711 IP 172.22.2.1.53 > 172.22.2.100.16644: 2048 3/6/1 A 176.32.98.166, A 176.32.103.205, A 205.251.242.103 (236)
I want all requests from "test_lan" to be resolved only by the configured DNS (8.8.4.4) and not by 172.22.2.1.
What am I doing wrong? Any help will be greatly appreciated.
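
A way to check a WAN-side capture like the one above for queries forwarded to a resolver other than the intended one, as an added example that is not part of the original post. It parses tcpdump lines in the format quoted above, groups outbound queries by client, source port, DNS transaction ID and name, and lists any upstream outside an allow-list; the function name `resolver_fanout` and its `allowed` parameter are hypothetical, and the sample input is the four capture lines from the post.

```python
import re
from collections import defaultdict

# Sample input: the four tcpdump lines quoted in the post, embedded so this runs offline.
CAPTURE = """\
18:29:15.805620 IP 172.22.2.100.16644 > 8.8.4.4.53: 2048+ [1au] A? amazon.com. (39)
18:29:15.805773 IP 172.22.2.100.16644 > 172.22.2.1.53: 2048+ [1au] A? amazon.com. (39)
18:29:15.866771 IP 8.8.4.4.53 > 172.22.2.100.16644: 2048 3/0/1 A 205.251.242.103, A 176.32.98.166, A 176.32.103.205 (87)
18:29:15.906711 IP 172.22.2.1.53 > 172.22.2.100.16644: 2048 3/6/1 A 176.32.98.166, A 176.32.103.205, A 205.251.242.103 (236)
"""

# Outbound query line: "<ts> IP <src>.<sport> > <dst>.53: <id>[flags] ... <TYPE>? <name> ..."
# Responses do not match because their destination port is not 53.
QUERY_RE = re.compile(
    r"^\S+ IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.53: (?P<id>\d+)\S* "
    r".*?(?P<qtype>[A-Z0-9]+)\? (?P<qname>\S+)"
)


def resolver_fanout(capture, allowed):
    """Return one finding per query that reached an upstream not in `allowed`.

    Queries sharing client IP, source port, DNS id and name are treated as
    copies of the same forwarded request sent to several upstreams.
    """
    upstreams = defaultdict(list)
    for line in capture.splitlines():
        m = QUERY_RE.match(line)
        if m:
            key = (m["src"], int(m["sport"]), int(m["id"]), m["qname"])
            upstreams[key].append(m["dst"])

    findings = []
    for key, dsts in upstreams.items():
        unexpected = sorted(set(dsts) - set(allowed))
        if unexpected:
            findings.append({"query": key, "sent_to": dsts, "unexpected": unexpected})
    return findings


if __name__ == "__main__":
    # Only 8.8.4.4 is supposed to see queries that originate from lan_test.
    for finding in resolver_fanout(CAPTURE, allowed={"8.8.4.4"}):
        print(finding)
```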