How to use dnsmasq address directive while having different nameservers for each LAN interface

1

I have always used dnsmasq to point a subdomain to my local dev machine at the router/network level.

address=/dev.example.com/192.168.1.80

I have now set up two VLAN interfaces for other purposes (i.e. guest network). I need to be able to use different nameservers on each LAN, which I also accomplished using dnsmasq.

dhcp-option=br0,6,208.67.222.123,208.67.220.123
dhcp-option=br1,6,208.67.222.222,208.67.220.220
dhcp-option=br2,6,208.67.222.123,208.67.220.123

However, once this configuration is in place, the address directive no longer works. It appears this DHCP config will be used for DNS resolution above everything else, so requests for the dev subdomain reach out to the internet rather than my local IP as before. For good measure, I have tried moving the address directive before and after the DHCP config. It makes no difference.

Is there a way to assign per-interface DNS servers and use the address directive, or to accomplish the same behavior some other way?

In case it helps, I am using AdvancedTomato firmware.

m59

Posted 2018-01-16T05:02:47.883

Reputation: 113

Those local hosts won't resolve unless you use the dnsmasq machine as DNS server. So for example, you could set br0's DNS server to 192.168.1.1 (assumed) and local hosts will resolve on br0 only. – multithr3at3d – 2018-01-16T05:14:42.933

@multithr3at3d You are correct! Would you like to post that as an answer with the corrected config? I just added the interface's IP (which you guessed correctly) as the first IP in the list for that interface's nameservers. – m59 – 2018-01-16T13:48:46.203

Answers

1

The dnsmasq server listens on the router itself. However, the noted configuration above tells all devices on those 3 networks to use DNS servers outside of your network, meaning the local addresses will not resolve.

You need to set the DNS server to the router's address on the networks where you want local addresses to resolve. For example, to enable on br0, change the config to:

dhcp-option=br0,6,192.168.1.1
dhcp-option=br1,6,208.67.222.222,208.67.220.220
dhcp-option=br2,6,208.67.222.123,208.67.220.123

multithr3at3d

Posted 2018-01-16T05:02:47.883

Reputation: 516

I actually did dhcp-option=br0,6,192.168.1.1,208.67.222.123,208.67.220.123 so I would keep my OpenDNS servers as well. – m59 – 2018-01-16T15:39:44.050

If you set dnsmasq's upstream servers, you don't need to do that, although either way is probably fine. – multithr3at3d – 2018-01-16T15:43:47.477

It turns out this didn't quite solve my problem. Getting the address directive to work this way is stopping the OpenDNS servers from being used for everything else on br0. Alternatively, if I set the OpenDNS servers under WAN in the GUI, I end up breaking the VPN I am routing br1 to. (btw, I am no longer using that dhcp-option on br1 since I am using a VPN there). Any ideas? – m59 – 2018-01-24T03:24:39.700

Try and add server=208.67.222.123 to dnsmasq's configuration for each of the upstream DNS servers. – multithr3at3d – 2018-01-24T05:42:35.633

Yep - I have tried that. It messes with the VPN on br1. My IP address leaks. – m59 – 2018-01-24T06:13:15.157

Only way that could be happening is if your router is intercepting the DNS queries, or the client has chosen the router as DNS server. – multithr3at3d – 2018-01-24T14:59:19.080
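
As an added example (not part of the original thread, and not dnsmasq's own tooling), the following Python check reads a dnsmasq config and reports, per interface tag, whether the DNS servers handed out by DHCP option 6 point clients at the router, which is the condition for address= overrides to take effect. The sample config is constructed from lines in this thread, 192.168.1.1 as the router address is the answer's assumption, and the names parse and audit are hypothetical.

```python
import ipaddress

# Constructed sample built from the thread's lines: br0 and br1 as in the
# answer; br2 shows a mixed list (router first, then public resolvers).
# 192.168.1.1 as the router address is the answer's assumption.
SAMPLE_CONF = """\
address=/dev.example.com/192.168.1.80
dhcp-option=br0,6,192.168.1.1
dhcp-option=br1,6,208.67.222.222,208.67.220.220
dhcp-option=br2,6,192.168.1.1,208.67.222.123,208.67.220.123
"""

DNS_OPT = {"6", "option:dns-server"}  # numeric and named form of DHCP option 6


def parse(conf):
    """Return ({domain: ip} from address=, {tag: [servers]} from option 6)."""
    overrides, dns_by_tag = {}, {}
    for raw in conf.splitlines():
        # Comment lines start with '#', so their key never matches below.
        key, _, value = raw.strip().partition("=")
        if key == "address":
            parts = value.split("/")  # ['', domain, ..., ip]
            for domain in parts[1:-1]:
                overrides[domain] = parts[-1]
        elif key == "dhcp-option":
            fields = [f.strip() for f in value.split(",")]
            if len(fields) >= 3 and fields[1] in DNS_OPT:
                tag = fields[0].split(":", 1)[-1]  # accepts br0 and tag:br0
                dns_by_tag[tag] = fields[2:]
    return overrides, dns_by_tag


def audit(conf, router_ips):
    """Classify each tag by whether its clients resolve through dnsmasq."""
    overrides, dns_by_tag = parse(conf)
    routers = {ipaddress.ip_address(ip) for ip in router_ips}
    report = {}
    for tag, servers in dns_by_tag.items():
        local = [s for s in servers if ipaddress.ip_address(s) in routers]
        if not local:
            report[tag] = "bypassed"  # clients never ask dnsmasq; address= unused
        elif len(local) == len(servers):
            report[tag] = "applied"   # every query passes through dnsmasq
        else:
            report[tag] = "mixed"     # override seen only by queries to the router
    return overrides, report


if __name__ == "__main__":
    overrides, report = audit(SAMPLE_CONF, {"192.168.1.1"})
    for tag, status in report.items():
        print(f"{tag}: {status} for {sorted(overrides)}")
```

An interface reported as "bypassed" or "mixed" has clients that can send queries straight to an external resolver, so both the local override and any filtering done on the router are skipped for those queries.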