I have couple of servers running in VirtualBox interconnected by hosted-only network. The parent system is Ubuntu running NetworkManager which manages the DNS according to the connected network so my resolv.conf
contains
nameserver 127.0.1.1
The VirtualBox is configured that the parent system has address 10.1.0.1
and the virtual servers are statically configured to 10.1.0.2
, 10.1.0.3
….
When I change network I always find (via nmcli
) my actual nameserver and fill the value to each of the virtual servers. This is annoying as I frequently change the network and connect via different interfaces (wlan0
, eth0
).
My idea is to use the NetworkManager managed DNS server as server for the virtuals. But when I put nameserver 10.1.0.1
in resolv.conf of the virtual servers the DNS is not resolved.
Clearly the DNS server managed by the NetworkManager is bound only to 127.0.1.1
.
I tried to add listen-interface=10.1.0.1
to /etc/NetworkManager/dnsmasq.d/<my-file>
it works after NetworkManager restart but only when the Virtual Box is running and the vboxnet0
interface exists. When the Virtual Box is down the dnsmasq
fails to start.
I also tried use bind-dynamic
option to dnsmasq but it is incompatible with bind-interface
added to dnsmasq
command by NetworkManager.
Question: How can I make the NetworkManager to bind dnsmasq to 10.1.0.1
after vboxnet0
interface appears? Or how to make it to start another instance of dnsmasq
forwarding 10.1.0.1
request to 127.0.1.1
?
Additional info:
# ifconfig
...
vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00
inet addr:10.1.0.1 Bcast:10.1.0.255 Mask:255.255.255.0
...
–
# ps aux|grep dnsmasq
nobody 1252 0.0 0.0 52976 4108 ? S dub10 0:00
/usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
--bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid
--listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null
--proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
--conf-dir=/etc/NetworkManager/dnsmasq.d
–
#netstat -antp|grep ':53'
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 1252/dnsmasq
–
# nslookup google.com 127.0.1.1
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: google.com
Address: 64.233.164
–
# nslookup google.com 10.1.0.1
;; connection timed out; no servers could be reached
Best Answer
This can be resolved (heh) with a wrapper script for
dnsmasq
to replace--bind-interfaces
with--bind-dynamic
, but for some reasonNetworkManager
hardcodes its search path, so first the original binary has to be moved out of the way (ondpkg
-based systems, use a command likedpkg-divert --local --rename --divert /usr/local/sbin/dnsmasq --add /usr/sbin/dnsmasq
).Then create a new
/usr/sbin/dnsmasq
:Change
/usr/local/sbin/dnsmasq
as needed to point to the original binary, mark the script as executable (chmod +x /usr/sbin/dnsmasq
), and add whateverinterface=
lines to a file in/etc/NetworkManager/dnsmasq.d
.Caveats:
/usr/local/sbin
might break ifNetworkManager
is updated to honor thePATH
environment variable. If this is a concern, move the real executable to a non-PATH
location such as/usr/lib
(but see #2 below)./usr/sbin
in$PATH
will cause--bind-interfaces
(-z
) to be replaced when manually invokingdnsmasq
on the command line.