But I need another server to do so (another appliance)?
Or I do not clearly understand how to do so with only my rpi with ncp on it and dnsmasq, and a fuc**** router.
In any case I'm blocked.
It would involve selecting and learning a DNS server (bind, dnsmasq, there are others), implementing it on the rpi along with the appropriate zone and records, then making it the primary/sole DNS server for your LAN.
It sounds like your router is causing you some problems. If you’re interested in replacing it, check out OPNsense. It can also do both the DNS server and the NAT reflection.
I was able to follow it (with some effort, trial-and-error, and lots of googling) to get the setup I wanted!
I suggest fixing the formatting around your logrotate snippet.
For future users who want other LAN devices to be able to connect, make sure you add a listen-address directive in dnsmasq.conf.mine. I mistakenly only added 127.0.0.1 because I thought ernolf used two entries for his two instances of dnsmasq (whereas I only have one).
If you're using Ubuntu, make sure you install the netmasq package from apt BEFORE starting… Ubuntu 22.04 seems to preship some plugin version for NetworkManager that you don't want to use.
My final question is about DoH … since dnsmasq is going to be forwarding a lot of requests to my chosen DNS server, is there any way to secure this communication a little bit with DoH?
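
The `listen-address` pitfall mentioned in the post above can be checked before restarting dnsmasq. This is an added example, not part of the original post or of the guide it refers to. The function names, the sample configs and the address `192.168.1.10` are constructed for illustration, and only the `listen-address` and `interface` options are considered.

```python
import ipaddress

# Constructed sample configs (not taken from the thread).
LOOPBACK_ONLY = "listen-address=127.0.0.1\n"
WITH_LAN = "listen-address=127.0.0.1\nlisten-address=192.168.1.10\n"


def listen_scope(conf_text):
    """Collect the listen-address and interface values from dnsmasq config text."""
    addrs, ifaces = [], []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "listen-address":
            # The option may be repeated or given as a comma-separated list.
            addrs += [ipaddress.ip_address(v.strip())
                      for v in value.split(",") if v.strip()]
        elif key == "interface":
            ifaces.append(value)
    return addrs, ifaces


def reachable_from_lan(conf_text):
    """True if the config lets dnsmasq answer on something other than loopback."""
    addrs, ifaces = listen_scope(conf_text)
    if not addrs and not ifaces:
        return True  # no restriction given: dnsmasq listens on all interfaces
    if any(not a.is_loopback for a in addrs):
        return True
    return any(name != "lo" for name in ifaces)


if __name__ == "__main__":
    for label, conf in (("loopback only", LOOPBACK_ONLY), ("with LAN address", WITH_LAN)):
        state = "reachable" if reachable_from_lan(conf) else "NOT reachable"
        print(f"{label}: {state} from other LAN devices")
```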