to all resolve to the same IP address.
I accomplished this by using dnsmasq. I only want this on this workstation on my local network so I set the listen-address to 127.0.0.1
That works as expected. I can resolve *.mysite.com to 10.10.1.100.
I can also ping anything on the internet as in my resolv.dnsmasq file I put in my asus router's IP which handles getting the dns from IP provider and so on.
The problem is this.
When dnsmasq is up and going, the other internal computers on my workstation's subnet no longer resolve. Previously hitting 10.1.1.1 as my nameserver (in resolv.conf) they all resolved flawlessly. As a computer would come online and get its dhcp address handed to it the router would handle all dns requests going through it for those machines.
But now I get this. In this example I first do a nslookup with dnsmasq off, then I turn it on and do a nslookup.
Non-authoritative answer:
*** Can't find rollo: No answer
I'm on Fedora 28. I swear this all worked previously on Fedora 23.
My understanding is that having the 10.1.1.1 listed as an upstream dns server that it should forward requests it doesn't know about to it, but it is not, but only for local workstations.
Things outside my local network seem to still work fine.
i.e.
So if you only need those hosts to resolve on your own workstation, why not just put those names/addresses into your local /etc/hosts file, and not run any sort of DNS at all?
Because then I have to manage static IPs.
So first off I don't want to have static IPs unless I have to.
Secondly I can spin up VMs, be they websites, or cluster nodes that I'm noodlin with, and it's really handy to just do that and resolve the name, and to not worry about IP clashes.
It's just very odd to me that if, for example, I'm on the 10.1.1.* network on my workstation and that I cannot dns resolve any other machine on 10.1.1.* with dnsmasq on, but yet I can resolve everything else. It's like dnsmasq is taking over for router and when the router is referred to for dns lookups that router only passes it upstream and doesn't do its normal thing of resolving local machines.
Not sure why, was hoping someone here might know.
I would like a series of url's to resolve to one address.
Not sure exactly what you're trying to do, but resolving several urls to one IP address is usually done in the web server configuration, not by using DNS.
Not sure what I was thinking...Yes, you need to set up some kind of name to IP resolution in /etc/hosts or DNS...sorry.
Understand what you're saying, but seems to me like you're doing the same thing in either case.
You'd have to edit things in dnsmasq to reflect any changes...just like you would have to edit /etc/hosts. So you're still editing files to reflect changes that only affect one workstation. Not saving a whole lot of effort, unless multiple machines are accessing DNS on that box, which it sounds like you don't want.
...in that order, to see if specifying the loopback device by name makes a difference.
So to the latter part, didn't make a difference putting the interface line in.
To the former part. To an extent yes you are correct, I have to manage "some" static IPs. The difference is this.
I have an application that I'm working on, where the base url is "mysite.com" (that's not it but works for this reference).
It is a multi-tenant application, and the way the different tenants come in is by putting in their tenant in the url. i.e. "tenant1.mysite.com"
That hits the application; it parses out the tenant1 to know who it is and enforce the multi-tenancy rules around that.
So. That means I have a completely variable number of tenants that can grow quite a bit. DNSmasq saves the day here for my development enviro as I can dynamically spin up sites/tenants and it just wildcards all the *.mysite.com to the same IP.
The pain is, things like, say, my printer which is wireless and totally dynamic could change its IP and I wouldn't resolve to it anymore. Or my nas backup. (if I had those as host entries) My kids have a few computers on this and I haven't segmented out the network really, my wife uses the home network for her work as well. My experience is static IPs should be used with caution.
So while it's pretty easy for me to manage a handful of static IPs for VMs that I run my application off of using dnsmasq.conf, it would be a pain to static out everything else. I certainly *can* go into my router and bind every last device that I care about to static IPs and segment off that range from dhcp. But that's not a good way to go.
It's just damn odd to me that dnsmasq is working flawlessly except for machines on the same subnet. There seems like there should be a configuration setting to get around this or I did something wrong. I'll keep diggin. tx
Then you're right; there is something VERY odd going on, because that should have bound dnsmasq to lo (a note: did you verify that you had 'lo', and not 'lo0'?), which doesn't exist outside your system.
You could also try to totally block the DNS port 53:
Code:
/sbin/iptables -A INPUT ! -i lo -p udp --destination-port 53 -j DROP
/sbin/iptables -A INPUT ! -i lo -p tcp --destination-port 53 -j DROP
..so any incoming requests on port 53 get dropped.
Understand what you mean. Try the iptables rule too.
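The replies above turn on whether dnsmasq is really bound to loopback only. As an added example (not part of the original thread), this shell function reads `ss -lntu` output and lists any port 53 listener on a non-loopback address; the function name and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report DNS listeners (port 53) bound to non-loopback addresses.
# Reads `ss -lntu` style lines on stdin; prints "<proto> <address>" per finding.
exposed_dns_listeners() {
    awk '
    $1 == "Netid" { next }                 # skip the header if -H was not used
    {
        laddr = $5                         # "Local Address:Port" column
        pos = match(laddr, /:[^:]*$/)      # last colon (IPv6 has several)
        if (pos == 0) next
        addr = substr(laddr, 1, pos - 1)
        port = substr(laddr, pos + 1)
        if (port != "53") next
        sub(/%.*$/, "", addr)              # drop scope suffix such as %lo
        gsub(/\[|\]/, "", addr)            # drop IPv6 brackets
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only
        print $1, addr
    }'
}

# Constructed sample input (not taken from the thread).
SAMPLE_SS='udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 32 127.0.0.1:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 32 [::]:53 [::]:*
udp UNCONN 0 0 [::1]:53 [::]:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

printf '%s\n' "$SAMPLE_SS" | exposed_dns_listeners
# On a live host: ss -H -lntu | exposed_dns_listeners
```

Empty output means every DNS listener is confined to loopback; any line printed is a socket that other machines on the subnet can query.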