Dnsmasq: Custom name resolution for different clients

dnsmasq, domain-name-system, networking

I have a network on which I'm running dnsmasq to do DHCP and DNS. My network has several clients each of which needs to communicate with a master machine (which they do with a DNS query to dnsmasq for master). I now want to run several master/client groups on the same network, and I want to be able to easily configure which client is associated with which master.

Is it possible to configure dnsmasq such that it will give a different response for a certain DNS query to different clients? For example, if 10.0.2.23 queries for master I want the result to be 10.0.3.1. However, if 10.0.2.24 queries for master I want the result to be 10.0.3.2.

I know I can achieve this by just making a master entry in each client's /etc/hosts file, but I would love if this information was all in one single config file (e.g. /etc/dnsmasq.d/masterclient.conf)

Best Answer

TL;DR: explicit is better than implicit

You may also want to ensure that any diagnostics you run on your network also reveal the connection between members of each pair.

If dnsmasq is doing both DNS & DHCP, it's easy to solve both your "each client knows their master" problem and to make verifying the correct setup possible - by NOT making dnsmasq respond differently based on who is querying.

I recommend you instead make sure each client asks for its master specifically by making its group a part of its fully qualified domain name:

# make sure your dhcp clients use dnsmasq as dns & split them in groups
#  (you probably already do that based on either mac or subnet)
dhcp-range=set:group1,10.0.2.0,10.0.2.23,255.255.255.0,4h
dhcp-range=set:group2,10.0.2.24,10.0.2.50,255.255.255.0,4h
# 0.0.0.0 here means "the address of the machine running dnsmasq"
dhcp-option=option:dns-server,0.0.0.0

# based on tags, give them a dns search domain
dhcp-option=tag:group1,option:domain-search,pair1.local
dhcp-option=tag:group2,option:domain-search,pair2.local

# making the respective master address known to them
address=/master.pair1.local/10.0.3.1
address=/master.pair2.local/10.0.3.2

There are ways to base the decision about which client is in which group on different parameters; depending on what determines which group a client should be in, my example of splitting by dhcp-range may be either sufficient or completely inappropriate.

Caveat: Reconfiguring clients into different groups can only be done in accordance with DHCP lease times - which is less flexible than DNS TTL.
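The answer's point that an explicit per-group name makes the setup verifiable can be checked offline against the config file itself. The following is an added example, not part of the original answer: it parses only the three directive shapes used above and reports which `master` record a client address ends up with, assuming the client's resolver appends the DHCP-supplied search domain to the short name. The function names and `SAMPLE_CONF` are hypothetical.

```python
import ipaddress

# Constructed sample: the answer's directives, typos fixed.
SAMPLE_CONF = """\
dhcp-range=set:group1,10.0.2.0,10.0.2.23,255.255.255.0,4h
dhcp-range=set:group2,10.0.2.24,10.0.2.50,255.255.255.0,4h
dhcp-option=option:dns-server,0.0.0.0
dhcp-option=tag:group1,option:domain-search,pair1.local
dhcp-option=tag:group2,option:domain-search,pair2.local
address=/master.pair1.local/10.0.3.1
address=/master.pair2.local/10.0.3.2
"""

def parse_conf(text):
    """Collect tagged ranges, per-tag search domains and address= records."""
    ranges, search, addresses = [], {}, {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        key, _, value = line.partition("=")
        fields = value.split(",")
        if key == "dhcp-range" and fields[0].startswith("set:"):
            lo, hi = (ipaddress.ip_address(f) for f in fields[1:3])
            ranges.append((fields[0][4:], lo, hi))
        elif (key == "dhcp-option" and fields[0].startswith("tag:")
              and fields[1:2] == ["option:domain-search"]):
            search[fields[0][4:]] = fields[2]
        elif key == "address":                   # single-domain form only
            _, name, ip = value.split("/")
            addresses[name.lower()] = ip
    return ranges, search, addresses

def master_for(client_ip, conf_text, short_name="master"):
    """Return (group, fqdn, ip) for a client; None marks a missing piece."""
    ranges, search, addresses = parse_conf(conf_text)
    ip = ipaddress.ip_address(client_ip)
    for tag, lo, hi in ranges:
        if lo <= ip <= hi:
            domain = search.get(tag)
            fqdn = f"{short_name}.{domain}" if domain else None
            return tag, fqdn, addresses.get(fqdn)
    return None, None, None

def unmapped_groups(conf_text, short_name="master"):
    """Groups whose search domain has no matching address= record."""
    ranges, search, addresses = parse_conf(conf_text)
    return sorted({tag for tag, _, _ in ranges
                   if f"{short_name}.{search.get(tag)}" not in addresses})
```

A non-empty result from `unmapped_groups` means clients in that group would query a `master.<domain>` name that dnsmasq has no local answer for.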