OpenWrt Forum Archive

Topic: True DNS nameserver?

The content of this topic has been archived on 9 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I want to run a true DNS nameserver on my WAN where I can configure A records and everything... can DNSmasq do that? How? If not, can it be done on the WRT? How?

try maradns www.maradns.org, should be availible as ipkg package

dnsmasq is build-in and works quite well if you don't need secondaries (i.e. redundancy). It will also provide reverse-mapping for the IPs in your domain. As opposed to maradns you can also maintain your zone through webif.

Regards, Marcus

(Last edited by holyLAN on 25 Feb 2006, 17:37)

I have both maradns and dnsmasq running on port 53. maradns serves public dns at the wan interface and dnsmasq takes care of the private subnet. in order for both to get along, you have to start maradns BEFORE dnsmasq. additionally, you need to have the line:
bind_address="external_ip"
in your mararc file. to start the two name servers, i slightly modified /etc/init.d/S50dnsmasq:

#!/bin/sh
. /etc/functions.sh

# maradns stuff starts here
publicip=$(whatismyip vlan1)
zonefile=/etc/maradns/my_dns_zone
cat $zonefile.template |sed s/external_ip/$publicip/ > $zonefile.zone
cat /etc/maradns/mararc.template |sed s/external_ip/$publicip/ > /etc/mararc
/usr/sbin/maradns >/var/log/maradns 2>&1 &
# maradns stuff ends here

# interface to use for DHCP
iface=lan
[...the script continues...]

this script does the following things:
1. it determines my external (wan) IP with a script i got from the openwrt wiki (whatismyip)
2. it rewrites my maradns zone file to insert the external ip (just put "external_ip" in place of the actual ip in the zone template)
3. it rewrites mararc to insert the correct IP in "bind_address=..."
4. finally, it starts maradns

after maradns has started, port 53 of the external iface will be "occupied", which dnsmasq will complain about in the syslog ("[dnsmasq] setting --bind-interfaces option because of OS limitations"). you can safely ignore this message or you could probably start dnsmasq explicitly with the --bind-interfaces option to get rid of the message. i didn't, as i'm too lazy wink

BTW: this works fine for me, as my internet provider does (almost) never change my assigned IP. if you have a provider which changes your ip with every dhcp lease period or so, you would probably need to place something similar in /etc/hotplug.d/iface (or i don't know where)

(Last edited by synthrax on 24 Feb 2006, 20:52)

I've run into problems with maradns by following the normal procedure: go to maradns.org and follow the documentation provided there. Unfortunately, this documentation is for a newer version of maradns and it got quite confusing (and time consuming) for me. Also there are some things special to OpenWrt, so I've put together a short HowTo regarding maradns. I'll also incorporate the suggestions from syntrax above and take care of formatting, structure, links and stuff...

Anyway, suggestions and constructive criticism are alway welcome and once the thing is in the Wiki, it wound be nice, if a native speaker could look over it for spell-checking.

EDIT: maradns-Howto online here: http://wiki.openwrt.org/MaradnsHowTo

Nice weekend!

(Last edited by holyLAN on 25 Feb 2006, 17:31)

wow! lots of responses! thanks!
One thing tho, how to I configure DNSmasq to operate on the WAN interface..

I'm trying to set it up so that my dns name will always resolve to my IP by using a dynamic hostname from dyndns.org to point at my router, and (hopefully) running a DNS server that my dns name is pointed at...

I've forwarded the ports, but when I do a nslookup of the name with my server, i get LAN information. And if I use online lookups, it can't find the nameserver.

Edit: I had previously asked a stupid question, I fixed it smile

(Last edited by eatnumber1 on 25 Feb 2006, 07:29)

OK, I don't completely get it: you have 2 domains, like domain.dyndns.org and domain.test? And what shall be resolved internally / externally? If you could provide some examples, it would be much easier to help :-)

Regards,
Marcus

I own nyctea.org, and got eatnumber1.kicks-ass.net from dyndns.org. The router keeps eatnumber1.kicks-ass.net updated with my current IP, but I want to keep nyctea.org updated. I thought that if I ran a nameserver on my WAN, I could use eatnumber1.kicks-ass.net and point nyctea at my nameserver which I could write a script that always updates the A record so it points to my IP. Maybe there's a better way to do this, IDK, but if there is, pls tell me!

I don't think it's possible to get nyctea.org delegated to a dynamic IP address. The problem is twofold: For registration of a Second Level Domain, you usually need at least 2 DNS Servers. And if you already own an active domain, these DNS server are configured on your DNS and also on the servers of the parent domain, in your case .org. So if you want to switch the DNS servers for nyctea.org to your OpenWrt system you also have to talk to your DNS provider - it's not enough to just edit the NS-Records in the nyctea.org zone.

If you just want to access hosts on your LAN by name, you could use Aliases/Cnames. If I own example.dyndns.test and example.test I can set up an Alias www.example.test and point that to example.dyndns.test. This way, everyone accessing www.example.test will get to your external IP.

Another possibillity would be to delegate your own subdomain example.nyctea.org to your OpenWrt system.

Regards,
Marcus

I was hoping to delegate nyctea.org to example.dyndns.test, and I've been having problems using a cname to do that

eatnumber1, I had exactly the same problem: to serve a zone (synthrax.ch) on my WRT, which is accessible via a dyndns.org address. luckily, i could register my name server (i.e. the dyndns.org address) with the swiss network information center (they have an automated web form for that purpose). i then setup maradns, as dnsmasq does not support SOA entries. when i tested my setup on the automated test program of switch.ch (the swiss nic), it warned me that i don't have a secondary name server, which i don't care about...
anyway, it works smile
i don't know how it works with .org, but as you are (presumably) the owner of nyctea.org, you should be able to specify your own nameserver at your dns authority, which would then of course be eatnumber1.kicks-ass.net.

so in order to be able to use your dyndns address as a nameserver, you had to register it as a nameserver with the swiss network information center? Was is free? Do you have a link?

Exactly, and yes, it is free (you already pay for the domain!)
unfortunately, i cannot give you a link as you need to login and go to the administrative pages to be able to register a name server for your domain.
hm, you cannot do something similar with your dns registrar?

ah, i see what you mean, I thought you had to register it as a nameserver before you could specify it in your DNS registrar.

yes, i had to register the nameserver with the dyndns address, but it was a quick and easy procedure. after registration of the nameserver, i could then use this nameserver to serve my zone.

Hi,

also I always have the problem that when maradns is running an binded to WAN IP, dnsmasq says that the addressis already in use.

maradns is binded to WAN IP (bind_address="xxx.xxx.xxx.xxx"; I also tried ipv4_bind_addresses="xxx.xxx.xxx.xxx")

and in dnsmasq.conf I tried to bind it to LAN

(
  listen-address=192.168.1.1
  interface=br0                   #lan+wifi
  local=/lan/
  domain=lan
)

But I always get the error: "failed to start up - failed to create listening socket: Adress already in use".

Moreover, I use a WRT54GL with White Russian.

I hope that anyone can help me!

greetings, onlineuser.

Oh, dnsmasq must be startet with -z!!!

The discussion might have continued from here.