OpenWrt Forum Archive

Topic: Dnsmasq.init and forwarding to different DNS servers

The content of this topic has been archived on 5 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I'm attempting to set up dnsmasq to forward DNS requests to different upstream DNS servers depending on the domain requested.

For example...

xyz -> 1.2.3.4
mydomain.com -> 1.2.3.4
internetdomain.com -> 5.6.7.8

Right now, 5.6.7.8 is the DNS server obtained from the ISP on the WAN port.  Resolving internet traffic is no problem.  I just need to get dnsmasq to forward unqualified hostnames and anything in mydomain.com to DNS server 1.2.3.4.

I'm new to Linux-based OSes, but it appears that OpenWrt handles all the configuration of dnsmasq via the initscript rather than dnsmasq.conf.  I believe the below is the bit of code I need to modify.

append_server() {
        append args "-S $1"
}

I've tried the following without any hint of success.  The changes seemed to have no effect whatsoever, so I assume I'm missing something.

append_server() {
        append args "-S $1"
        append args "--server=/mydomain.com/1.2.3.4"
        append args "--server=//1.2.3.4"
}

append_server() {
        append args "-S $1"
        append args "-S=/mydomain.com/1.2.3.4"
        append args "-S=//1.2.3.4"
}

Do I have the syntax wrong? Does something else need to be altered elsewhere in the initscript?

Thanks

The init script takes care of adding configuration from UCI (stuff in /etc/config). dnsmasq will also read /etc/dnsmasq.conf, so you can safely modify that.

As for the proper syntax for your request, I'd take a look at the dnsmasq homepage or the original dnsmasq.conf for examples.

In /etc/config/dhcp

config dnsmasq
    option ...
    list server "/foo.bar/1.2.3.4"
    list server "//5.6.7.8"
    ...

Does the above solution work on Barrier Breaker?

I tried to configure it with the below configuration, but it does not work:

Network config:

        Site 0                          Site 1
   192.168.100.0/24                192.168.101.0/24
    domain: site0                   domain: site1

   openWRT router  --------------- openWRT router ----------*
   IP:192.168.100.1                IP: 192.168.101.         I
          I                               I                 I
          I                               I                 I
    server1.site0                   server1.site1         host B
  IP:192.168.100.101             IP:192.168.101.101   IP:192.168.101.200



dhcp configuration file of openWRT router at site0:

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option domain 'site0'
       
config dhcp 'lan'
...
config host               
        option name 'server1'
        option mac 'aa:aa:aa:aa:aa:aa'
        option ip '192.168.100.101'
        option dns '1'   


dhcp configuration file of openWRT router at site1:

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option domain 'site1'
        list server "/site0/192.168.100.1"

config dhcp 'lan'
...
config host               
        option name 'server1'
        option mac 'bb:bb:bb:bb:bb:bb'
        option ip '192.168.101.101'
        option dns '1'

I tried dig from host B: dig @192.168.101.1 server1.site0

There was an answer, but it did not find the entry:

dig @192.168.101.1 server1.site0

; <<>> DiG 9.8.1-P1 <<>> @192.168.101.1 server1.site0
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39633
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;server1.site0.        IN    A

;; Query time: 52 msec
;; SERVER: 192.168.101.1#53(192.168.101.1)
;; WHEN: Wed Nov 12 23:51:43 2014
;; MSG SIZE  rcvd: 37


I tried dig from host B: dig @192.168.100.1 server1.site0

There was an answer, and it found the DNS entry:

user@hostB:~$ dig @192.168.100.1 server1.site0

; <<>> DiG 9.8.1-P1 <<>> @192.168.100.1 server1.site0
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63923
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;server1.site0.        IN    A

;; ANSWER SECTION:
server1.site0.    0    IN    A    192.168.100.201

;; Query time: 18 msec
;; SERVER: 192.168.100.1#53(192.168.100.1)
;; WHEN: Wed Nov 12 23:54:39 2014
;; MSG SIZE  rcvd: 53

Any idea what could be the problem?

Rebind protection was on, and that caused this problem. When I disabled it, ping worked.

I found a better solution. I added a rebind_domain list and could enable rebind protection again:

        option rebind_protection '1'
        list server "/site0/192.168.100.1"
        list rebind_domain 'site0'
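
The misconfiguration diagnosed above can be checked for mechanically. The following is an added example, not part of the original posts and not OpenWrt code: it reads the text of /etc/config/dhcp and lists every domain that is forwarded to a private-range DNS server while rebind protection is on and no matching rebind_domain entry exists. The function names and the "private upstream implies private answers" heuristic are assumptions of this example; the sample configs are constructed from the site1 settings quoted in the thread.

```python
import ipaddress
import shlex

def parse_dnsmasq_section(uci_text):
    """Return (options, lists) of the first 'config dnsmasq' section."""
    opts, lists, active = {}, {}, False
    for raw in uci_text.splitlines():
        tok = shlex.split(raw, comments=True)
        if not tok:
            continue
        if tok[0] == "config":
            if active:
                break
            active = tok[1:2] == ["dnsmasq"]
        elif active and len(tok) >= 3 and tok[0] == "option":
            opts[tok[1]] = tok[2]
        elif active and len(tok) >= 3 and tok[0] == "list":
            lists.setdefault(tok[1], []).append(tok[2])
    return opts, lists

def unprotected_forward_domains(uci_text):
    """Domains forwarded to a private-range DNS server but not in rebind_domain."""
    opts, lists = parse_dnsmasq_section(uci_text)
    if opts.get("rebind_protection", "0") != "1":  # assumption: absent means off
        return []
    allowed = {d.lower() for e in lists.get("rebind_domain", [])
               for d in e.split("/") if d}
    flagged = []
    for spec in lists.get("server", []):
        if not spec.startswith("/"):
            continue  # plain upstream server, not a per-domain rule
        *domains, target = spec.split("/")[1:]
        try:
            ip = ipaddress.ip_address(target.split("#")[0].split("@")[0])
        except ValueError:
            continue  # '/domain/' or '/domain/#': no fixed upstream address
        for dom in (d.lower() for d in domains if d):  # '//ip' rules are skipped
            ok = any(dom == a or dom.endswith("." + a) for a in allowed)
            if ip.is_private and not ok and dom not in flagged:
                flagged.append(dom)
    return flagged

# Constructed from the site1 router settings quoted in the thread.
SITE1_BEFORE = """
config dnsmasq
        option rebind_protection '1'
        option domain 'site1'
        list server "/site0/192.168.100.1"
"""
SITE1_AFTER = SITE1_BEFORE + "        list rebind_domain 'site0'\n"

print(unprotected_forward_domains(SITE1_BEFORE), unprotected_forward_domains(SITE1_AFTER))
```

A flagged domain is one whose answers dnsmasq would discard, which matches the empty ANSWER section in the first dig output; listing only the specific internal domain in rebind_domain keeps the rebinding filter active for everything else.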

The discussion might have continued from here.