OpenWRT router's dnsmasq settings block lan name resolution?
I have a version 15.05 OpenWRT router which is a member of a local network. This network has its own DHCP and DNS servers which dnsmasq should automatically use for domain name resolution. However host names for members of the lan are not resolving through dnsmasq.
I tried /etc/init.d/dnsmasq stop which allowed these names to resolve on the router. However this stopped all domain name resolution on my laptop while connected to the router.
I'd like dnsmasq to not filter local domain names from its results, and for it to use the proper DNS servers (I belive it does), or to find a way to live without dnsmasq by passing on upstream DNS server IP addresses to clients of the router. (I would prefer to not hard code DNS server IP addresses so that the router can be used in other environments without reconfiguration.)
I disabled some of the options below because they ensure "... that requests for these local host names (and the reverse lookup) never get forwarded to the upstream DNS servers." [1] However This did not solve my issues with dnsmasq.
root@wrt0:~# cat /etc/config/dhcp
config dnsmasq
#option domainneeded '1'
option domainneeded '0'
#option boguspriv '1'
option boguspriv '0'
option filterwin2k '0'
#option localise_queries '1'
option localise_queries '0'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
#option expandhosts '1'
option expandhosts '0'
option nonegcache '0'
#option authoritative '1'
option authoritative '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
...
root@wrt0:~# cat /etc/config/network
...
config interface 'lan'
option ifname 'eth1'
option type 'bridge'
option proto 'static'
option ipaddr '10.0.2.1'
option netmask '255.255.255.0'
...
root@wrt0:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
root@wrt0:~# cat /tmp/resolv.conf.auto
# Interface wan
nameserver 192.168.0.10
nameserver 192.168.0.25
search office.website.org
search website.org
When resolving local names using dnsqmasq, resolution fails:
root@wrt0:~# nslookup abc.office.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'abc.office.website.org': Name or service not known
When bypassing dnsmasq, resolution works fine:
root@wrt0:~# nslookup abc.office.website.org 192.168.0.10
Server: 192.168.0.10
Address 1: 192.168.0.10 resolver.office.website.org
Name: abc.office.website.org
Address 1: 192.168.0.32 abc.office.website.org
dnsmasq looks up internet-facing servers without a hitch:
root@wrt0:~# nslookup abc.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: abc.website.org
Address 1: 208.xxx.xxx.xxx xyz.website.org
Do you have any ideas about how I may bypass dnsmasq's filtering, or bypass dnsmasq altogether? Thanks! : D
router dns lan openwrt dnsmasq
asked Oct 1 '15 at 20:56
sudoman
15319
add a comment |
I have a version 15.05 OpenWRT router which is a member of a local network. This network has its own DHCP and DNS servers which dnsmasq should automatically use for domain name resolution. However host names for members of the lan are not resolving through dnsmasq.
I tried /etc/init.d/dnsmasq stop which allowed these names to resolve on the router. However this stopped all domain name resolution on my laptop while connected to the router.
I'd like dnsmasq to not filter local domain names from its results, and for it to use the proper DNS servers (I belive it does), or to find a way to live without dnsmasq by passing on upstream DNS server IP addresses to clients of the router. (I would prefer to not hard code DNS server IP addresses so that the router can be used in other environments without reconfiguration.)
I disabled some of the options below because they ensure "... that requests for these local host names (and the reverse lookup) never get forwarded to the upstream DNS servers." [1] However This did not solve my issues with dnsmasq.
root@wrt0:~# cat /etc/config/dhcp
config dnsmasq
#option domainneeded '1'
option domainneeded '0'
#option boguspriv '1'
option boguspriv '0'
option filterwin2k '0'
#option localise_queries '1'
option localise_queries '0'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
#option expandhosts '1'
option expandhosts '0'
option nonegcache '0'
#option authoritative '1'
option authoritative '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
...
root@wrt0:~# cat /etc/config/network
...
config interface 'lan'
option ifname 'eth1'
option type 'bridge'
option proto 'static'
option ipaddr '10.0.2.1'
option netmask '255.255.255.0'
...
root@wrt0:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
root@wrt0:~# cat /tmp/resolv.conf.auto
# Interface wan
nameserver 192.168.0.10
nameserver 192.168.0.25
search office.website.org
search website.org
When resolving local names using dnsqmasq, resolution fails:
root@wrt0:~# nslookup abc.office.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'abc.office.website.org': Name or service not known
When bypassing dnsmasq, resolution works fine:
root@wrt0:~# nslookup abc.office.website.org 192.168.0.10
Server: 192.168.0.10
Address 1: 192.168.0.10 resolver.office.website.org
Name: abc.office.website.org
Address 1: 192.168.0.32 abc.office.website.org
dnsmasq looks up internet-facing servers without a hitch:
root@wrt0:~# nslookup abc.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: abc.website.org
Address 1: 208.xxx.xxx.xxx xyz.website.org
Do you have any ideas about how I may bypass dnsmasq's filtering, or bypass dnsmasq altogether? Thanks! : D
router dns lan openwrt dnsmasq
asked Oct 1 '15 at 20:56
sudoman
15319
add a comment |
I have a version 15.05 OpenWRT router which is a member of a local network. This network has its own DHCP and DNS servers which dnsmasq should automatically use for domain name resolution. However host names for members of the lan are not resolving through dnsmasq.
I tried /etc/init.d/dnsmasq stop which allowed these names to resolve on the router. However this stopped all domain name resolution on my laptop while connected to the router.
I'd like dnsmasq to not filter local domain names from its results, and for it to use the proper DNS servers (I belive it does), or to find a way to live without dnsmasq by passing on upstream DNS server IP addresses to clients of the router. (I would prefer to not hard code DNS server IP addresses so that the router can be used in other environments without reconfiguration.)
I disabled some of the options below because they ensure "... that requests for these local host names (and the reverse lookup) never get forwarded to the upstream DNS servers." [1] However This did not solve my issues with dnsmasq.
root@wrt0:~# cat /etc/config/dhcp
config dnsmasq
#option domainneeded '1'
option domainneeded '0'
#option boguspriv '1'
option boguspriv '0'
option filterwin2k '0'
#option localise_queries '1'
option localise_queries '0'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
#option expandhosts '1'
option expandhosts '0'
option nonegcache '0'
#option authoritative '1'
option authoritative '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
...
root@wrt0:~# cat /etc/config/network
...
config interface 'lan'
option ifname 'eth1'
option type 'bridge'
option proto 'static'
option ipaddr '10.0.2.1'
option netmask '255.255.255.0'
...
root@wrt0:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
root@wrt0:~# cat /tmp/resolv.conf.auto
# Interface wan
nameserver 192.168.0.10
nameserver 192.168.0.25
search office.website.org
search website.org
When resolving local names using dnsqmasq, resolution fails:
root@wrt0:~# nslookup abc.office.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'abc.office.website.org': Name or service not known
When bypassing dnsmasq, resolution works fine:
root@wrt0:~# nslookup abc.office.website.org 192.168.0.10
Server: 192.168.0.10
Address 1: 192.168.0.10 resolver.office.website.org
Name: abc.office.website.org
Address 1: 192.168.0.32 abc.office.website.org
dnsmasq looks up internet-facing servers without a hitch:
root@wrt0:~# nslookup abc.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: abc.website.org
Address 1: 208.xxx.xxx.xxx xyz.website.org
Do you have any ideas about how I may bypass dnsmasq's filtering, or bypass dnsmasq altogether? Thanks! : D
router dns lan openwrt dnsmasq
asked Oct 1 '15 at 20:56
sudoman
15319
I have a version 15.05 OpenWRT router which is a member of a local network. This network has its own DHCP and DNS servers which dnsmasq should automatically use for domain name resolution. However host names for members of the lan are not resolving through dnsmasq.
I tried /etc/init.d/dnsmasq stop which allowed these names to resolve on the router. However this stopped all domain name resolution on my laptop while connected to the router.
I'd like dnsmasq to not filter local domain names from its results, and for it to use the proper DNS servers (I belive it does), or to find a way to live without dnsmasq by passing on upstream DNS server IP addresses to clients of the router. (I would prefer to not hard code DNS server IP addresses so that the router can be used in other environments without reconfiguration.)
I disabled some of the options below because they ensure "... that requests for these local host names (and the reverse lookup) never get forwarded to the upstream DNS servers." [1] However This did not solve my issues with dnsmasq.
root@wrt0:~# cat /etc/config/dhcp
config dnsmasq
#option domainneeded '1'
option domainneeded '0'
#option boguspriv '1'
option boguspriv '0'
option filterwin2k '0'
#option localise_queries '1'
option localise_queries '0'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
#option expandhosts '1'
option expandhosts '0'
option nonegcache '0'
#option authoritative '1'
option authoritative '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
...
root@wrt0:~# cat /etc/config/network
...
config interface 'lan'
option ifname 'eth1'
option type 'bridge'
option proto 'static'
option ipaddr '10.0.2.1'
option netmask '255.255.255.0'
...
root@wrt0:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1
root@wrt0:~# cat /tmp/resolv.conf.auto
# Interface wan
nameserver 192.168.0.10
nameserver 192.168.0.25
search office.website.org
search website.org
When resolving local names using dnsqmasq, resolution fails:
root@wrt0:~# nslookup abc.office.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'abc.office.website.org': Name or service not known
When bypassing dnsmasq, resolution works fine:
root@wrt0:~# nslookup abc.office.website.org 192.168.0.10
Server: 192.168.0.10
Address 1: 192.168.0.10 resolver.office.website.org
Name: abc.office.website.org
Address 1: 192.168.0.32 abc.office.website.org
dnsmasq looks up internet-facing servers without a hitch:
root@wrt0:~# nslookup abc.website.org
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: abc.website.org
Address 1: 208.xxx.xxx.xxx xyz.website.org
Do you have any ideas about how I may bypass dnsmasq's filtering, or bypass dnsmasq altogether? Thanks! : D
router dns lan openwrt dnsmasq
router dns lan openwrt dnsmasq
asked Oct 1 '15 at 20:56
sudoman
15319
asked Oct 1 '15 at 20:56
sudoman
15319
edited Oct 1 '15 at 21:05
asked Oct 1 '15 at 20:56
sudoman
15319
asked Oct 1 '15 at 20:56
sudoman
15319
asked Oct 1 '15 at 20:56
sudoman
15319
15319
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
One solution is to disable dnsmasq and change the dhcp 'lan' section of /etc/config/dhcp, although it requires network-specific configuration:
root@wrt0:~# /etc/init.d/dnsmasq stop
root@wrt0:~# /etc/init.d/dnsmasq disable
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option dhcpv4 'server'
option ra 'server'
list dns '192.168.0.10'
list dns '192.168.0.25'
list domain 'office.website.org'
list domain 'website.org'
list domain 'othersite.org'
Another way to achieve similar results is to use dnsmasq and add an option to /etc/dnsmasq.conf:
dhcp-option=6, 192.168.0.10, 192.168.0.25
Hoewver it isn't clear how to set multiple search domains using dnsmasq.
Unfortunately, for both of these methods settings needs to be edited if the router is used on a different network or if the DNS IP address changes, so it is not the perfect answer.
answered Oct 2 '15 at 17:48
sudoman
15319
add a comment |
First of all, you should really upgrade to the current (18.X) or last release (17.X.X): https://wiki.openwrt.org/de/doc/howto/generic.sysupgrade
If I understand correctly, the DNS and DHCP server are different devices in your network?
If so, the domainneeded should probably be on and you should have the DNS to IP mapping in /etc/hosts. Read the first part of the documentation for further hints.
answered Aug 5 at 23:09
AdamKalisz
40946
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f980950%2fopenwrt-routers-dnsmasq-settings-block-lan-name-resolution%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
One solution is to disable dnsmasq and change the dhcp 'lan' section of /etc/config/dhcp, although it requires network-specific configuration:
root@wrt0:~# /etc/init.d/dnsmasq stop
root@wrt0:~# /etc/init.d/dnsmasq disable
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option dhcpv4 'server'
option ra 'server'
list dns '192.168.0.10'
list dns '192.168.0.25'
list domain 'office.website.org'
list domain 'website.org'
list domain 'othersite.org'
Another way to achieve similar results is to use dnsmasq and add an option to /etc/dnsmasq.conf:
dhcp-option=6, 192.168.0.10, 192.168.0.25
Hoewver it isn't clear how to set multiple search domains using dnsmasq.
Unfortunately, for both of these methods settings needs to be edited if the router is used on a different network or if the DNS IP address changes, so it is not the perfect answer.
answered Oct 2 '15 at 17:48
sudoman
15319
add a comment |
One solution is to disable dnsmasq and change the dhcp 'lan' section of /etc/config/dhcp, although it requires network-specific configuration:
root@wrt0:~# /etc/init.d/dnsmasq stop
root@wrt0:~# /etc/init.d/dnsmasq disable
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option dhcpv4 'server'
option ra 'server'
list dns '192.168.0.10'
list dns '192.168.0.25'
list domain 'office.website.org'
list domain 'website.org'
list domain 'othersite.org'
Another way to achieve similar results is to use dnsmasq and add an option to /etc/dnsmasq.conf:
dhcp-option=6, 192.168.0.10, 192.168.0.25
Hoewver it isn't clear how to set multiple search domains using dnsmasq.
Unfortunately, for both of these methods settings needs to be edited if the router is used on a different network or if the DNS IP address changes, so it is not the perfect answer.
answered Oct 2 '15 at 17:48
sudoman
15319
add a comment |
One solution is to disable dnsmasq and change the dhcp 'lan' section of /etc/config/dhcp, although it requires network-specific configuration:
root@wrt0:~# /etc/init.d/dnsmasq stop
root@wrt0:~# /etc/init.d/dnsmasq disable
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option dhcpv4 'server'
option ra 'server'
list dns '192.168.0.10'
list dns '192.168.0.25'
list domain 'office.website.org'
list domain 'website.org'
list domain 'othersite.org'
Another way to achieve similar results is to use dnsmasq and add an option to /etc/dnsmasq.conf:
dhcp-option=6, 192.168.0.10, 192.168.0.25
Hoewver it isn't clear how to set multiple search domains using dnsmasq.
Unfortunately, for both of these methods settings needs to be edited if the router is used on a different network or if the DNS IP address changes, so it is not the perfect answer.
answered Oct 2 '15 at 17:48
sudoman
15319
One solution is to disable dnsmasq and change the dhcp 'lan' section of /etc/config/dhcp, although it requires network-specific configuration:
root@wrt0:~# /etc/init.d/dnsmasq stop
root@wrt0:~# /etc/init.d/dnsmasq disable
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option dhcpv4 'server'
option ra 'server'
list dns '192.168.0.10'
list dns '192.168.0.25'
list domain 'office.website.org'
list domain 'website.org'
list domain 'othersite.org'
Another way to achieve similar results is to use dnsmasq and add an option to /etc/dnsmasq.conf:
dhcp-option=6, 192.168.0.10, 192.168.0.25
Hoewver it isn't clear how to set multiple search domains using dnsmasq.
Unfortunately, for both of these methods settings needs to be edited if the router is used on a different network or if the DNS IP address changes, so it is not the perfect answer.
answered Oct 2 '15 at 17:48
sudoman
15319
edited Oct 2 '15 at 21:02
answered Oct 2 '15 at 17:48
sudoman
15319
answered Oct 2 '15 at 17:48
sudoman
15319
answered Oct 2 '15 at 17:48
sudoman
15319
15319
add a comment |
add a comment |
First of all, you should really upgrade to the current (18.X) or last release (17.X.X): https://wiki.openwrt.org/de/doc/howto/generic.sysupgrade
If I understand correctly, the DNS and DHCP server are different devices in your network?
If so, the domainneeded should probably be on and you should have the DNS to IP mapping in /etc/hosts. Read the first part of the documentation for further hints.
answered Aug 5 at 23:09
AdamKalisz
40946
add a comment |
First of all, you should really upgrade to the current (18.X) or last release (17.X.X): https://wiki.openwrt.org/de/doc/howto/generic.sysupgrade
If I understand correctly, the DNS and DHCP server are different devices in your network?
If so, the domainneeded should probably be on and you should have the DNS to IP mapping in /etc/hosts. Read the first part of the documentation for further hints.
answered Aug 5 at 23:09
AdamKalisz
40946
add a comment |
First of all, you should really upgrade to the current (18.X) or last release (17.X.X): https://wiki.openwrt.org/de/doc/howto/generic.sysupgrade
If I understand correctly, the DNS and DHCP server are different devices in your network?
If so, the domainneeded should probably be on and you should have the DNS to IP mapping in /etc/hosts. Read the first part of the documentation for further hints.
answered Aug 5 at 23:09
AdamKalisz
40946
First of all, you should really upgrade to the current (18.X) or last release (17.X.X): https://wiki.openwrt.org/de/doc/howto/generic.sysupgrade
If I understand correctly, the DNS and DHCP server are different devices in your network?
If so, the domainneeded should probably be on and you should have the DNS to IP mapping in /etc/hosts. Read the first part of the documentation for further hints.
answered Aug 5 at 23:09
AdamKalisz
40946
answered Aug 5 at 23:09
AdamKalisz
40946
answered Aug 5 at 23:09
AdamKalisz
40946
answered Aug 5 at 23:09
AdamKalisz
40946
40946
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f980950%2fopenwrt-routers-dnsmasq-settings-block-lan-name-resolution%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
