Internal DNS-server to override certain lookups

1

1

I have a few different servers at home. Some are exposed to the outside, and I have set up a domain for my home stuff. Let's say this is myhome.mydomain.com. I have also set up a wildcard DNS record *.myhome.mydomain.com which points to the same server (both are CNAME records to my router's built-in DDNS function).

This works perfectly from the outside. But from the inside something goes haywire. I guess it has something to do with routing from the inside to the outside to the inside... So as I see it my options are to either figure out why the routing is broken, or set up an internal DNS server to point myhome.mydomain.com to my internal IP for this server, and forward the rest to my ISP's DNS or Google's or OpenDNS or something.

How do I set up this internal DNS server? I also want it to respond to the wildcard because my plan is to have an nginx proxy in front of all the services I wish to expose to the outside eventually.

Christian Wattengård

Posted 2015-06-16T08:34:19.580

Reputation: 445

On which OS do you want to set up the DNS server? – Silvio Massina – 2015-06-16T08:58:07.060

Are you referring to resolving internal names (i.e., into private, LAN addresses) or public names corresponding to routable IP addresses? Normally, from inside the LAN, it is best to use private addresses (and private names) so as to avoid hairpinning. – MariusMatutiae – 2015-06-16T08:58:29.213

I have a Linux box I want to run the DNS server on. I want to resolve myhome.domain.com to a LAN address (192.168.1.5) when on the inside, but to my home public IP (80.2.3.4) when on the outside. – Christian Wattengård – 2015-06-16T10:16:16.043

Answers

2

The outside part is already ok. The following steps are to enable the internal DNS server.

Set up dnsmasq on a local Linux box.

Set it to listen on the interface connected to your LAN.

Set some external DNS in /etc/resolv.conf (or configure a custom resolv-file and add the DNS servers there). These DNS servers will be used to resolve anything that dnsmasq cannot resolve using its config file or the /etc/hosts contents.

Then:

  • if you want *.myhome.mydomain.com resolved to a single internal IP, add:

    address=/.myhome.mydomain.com/YOUR.IP.ADD.RESS

    in dnsmasq's config file (usually /etc/dnsmasq.conf)

  • add other hosts that you want resolved by dnsmasq to /etc/hosts with the format:

    192.168.1.x name1.myhome.mydomain.com
    192.168.1.y name2.myhome.mydomain.com
    192.168.1.z name3.otherdomain.com

Set your box IP address as the DNS for your local network.

Silvio Massina

Posted 2015-06-16T08:34:19.580

Reputation: 434

So if I want *.myhome.mydomain.com to go to 192.168.1.5, but otherserver.myhome.mydomain.com to go to 192.168.1.6, will it read the hosts-file first, and then the dnsmasq? – Christian Wattengård – 2015-06-17T08:52:53.930

It's dnsmasq that, when answering your requests, will look at the /etc/hosts contents (on the machine it's running on). – Silvio Massina – 2015-06-17T09:00:36.477

Yes.. But which takes precedence when the "address" line is present with a wildcard in the dnsmasq.conf file? – Christian Wattengård – 2015-06-17T09:07:09.207

According to dnsmasq man page for the option address: "Note that /etc/hosts and DHCP leases override this for individual names" – Silvio Massina – 2015-06-17T09:19:29.517

Notice that while internally you'll be able to resolve the different names to the different internal IPs, from outside you can count only on the wildcard resolving to the single public IP. – Silvio Massina – 2015-06-17T09:30:41.620

Thank you :) Like I said... I'll probably have an nginx proxy for everything I need to be available from the outside. – Christian Wattengård – 2015-06-17T13:45:01.733
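The lookup order the answer and the comments describe (an /etc/hosts entry beats the wildcard address= line for an individual name, and anything unmatched is forwarded to the server= upstreams) can be modelled in a few lines. This is an added illustration, not dnsmasq's own code or anything from the thread; the config fragment, hosts file, interface name, upstream address and the 192.168.1.6/192.168.1.7 entries are constructed for the example.

```python
"""Model of the dnsmasq lookup order for the setup in this thread.

Constructed sample config and hosts file; this mimics the documented
precedence rule, it is not dnsmasq's own implementation.
"""

# Constructed /etc/dnsmasq.conf fragment. interface= and bind-interfaces
# keep the resolver answering only on the LAN side (assumed name eth0).
DNSMASQ_CONF = """
interface=eth0
bind-interfaces
no-resolv
server=8.8.8.8
address=/.myhome.mydomain.com/192.168.1.5
"""

# Constructed /etc/hosts; one name overrides the wildcard for itself only.
ETC_HOSTS = """
127.0.0.1   localhost
192.168.1.6 otherserver.myhome.mydomain.com
192.168.1.7 nas.otherdomain.com
"""

def parse_conf(text):
    """Collect address=/domain/ip entries and server= upstreams."""
    addresses, servers = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("address=/"):
            _, domain, ip = line.split("/", 2)
            addresses[domain.lstrip(".").lower()] = ip
        elif line.startswith("server="):
            servers.append(line[len("server="):])
    return addresses, servers

def parse_hosts(text):
    """Map every hostname on a line to the address in its first column."""
    hosts = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            hosts[name.lower()] = fields[0]
    return hosts

def resolve(name, conf_text=DNSMASQ_CONF, hosts_text=ETC_HOSTS):
    """Return (answer, source): hosts first, then address=, else upstream."""
    addresses, servers = parse_conf(conf_text)
    hosts = parse_hosts(hosts_text)
    name = name.rstrip(".").lower()
    if name in hosts:                      # /etc/hosts wins for individual names
        return hosts[name], "hosts"
    labels = name.split(".")
    for i in range(len(labels)):           # the name itself, then each parent domain
        suffix = ".".join(labels[i:])
        if suffix in addresses:
            return addresses[suffix], "address"
    return None, "upstream:" + ",".join(servers)  # forwarded to server= entries
```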