Discussion:
[Dnsmasq-discuss] How to use dnsmasq as a dhcp server only
Claudio Roberto Cussuol
2006-10-23 14:00:26 UTC
Hi

I'm using dnsmasq as a dns cache and dhcp server now.
I'd like to use an authoritative dns server but I'd like to keep dnsmasq as my
dhcp server.

However when I try to run the other dns daemon it fails as dnsmasq is listening
at port 53.

Is there any option to disable the dns cache and keep dnsmasq running as a dhcp
server only?

Thank You
/dev/rob0
2006-10-23 16:19:31 UTC
Post by Claudio Roberto Cussuol
I'm using dnsmasq as a dns cache and dhcp server now.
I'd like to use an authoritative dns server but I'd like to keep
dnsmasq as my dhcp server.
It's easier and more flexible to use dnsmasq for authoritative DNS.
Note: under your plan the DHCP clients will not be listed in your DNS.
Post by Claudio Roberto Cussuol
However when I try to run the other dns daemon it fails as dnsmasq
is listening at port 53.
Is there any option to disable the dns cache and keep dnsmasq running
as a dhcp server only?
I don't know. But I set one up where BIND named is listening on
localhost:35, and dnsmasq uses that for recursion. Works quite well.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
Claudio Roberto Cussuol
2006-10-23 16:30:33 UTC
Post by /dev/rob0
It's easier and more flexible to use dnsmasq for authoritative DNS.
Is it possible?????
It would be great.

But, I've read in dnsmasq site it is only a dns forwarder and it would not
support the authoritative mode.
Post by /dev/rob0
Note: under your plan the DHCP clients will not be listed in your
DNS.
Yes, I knew it.
Post by /dev/rob0
Post by Claudio Roberto Cussuol
However when I try to run the other dns daemon it fails as
dnsmasq is listening at port 53.
Is there any option to disable the dns cache and keep dnsmasq
running as a dhcp server only?
I don't know. But I set one up where BIND named is listening on
localhost:35, and dnsmasq uses that for recursion. Works quite well.
Yes, I tried this and it works.
But I still would like to use something simpler.
Using only one dns service.
/dev/rob0
2006-10-23 16:48:49 UTC
Post by Claudio Roberto Cussuol
Post by /dev/rob0
It's easier and more flexible to use dnsmasq for authoritative DNS.
Is it possible?????
It would be great.
But, I've read in dnsmasq site it is only a dns forwarder and it
would not support the authoritative mode.
Sure, it's authoritative. Anything in /etc/hosts (or your designated
file[s]) will be served as authoritative data. Furthermore you get
reverse lookups included at no additional charge! :) That is *much*
more difficult to do in BIND.
Post by Claudio Roberto Cussuol
Post by /dev/rob0
Post by Claudio Roberto Cussuol
Is there any option to disable the dns cache and keep dnsmasq
running as a dhcp server only?
I don't know. But I set one up where BIND named is listening on
localhost:35, and dnsmasq uses that for recursion. Works quite well.
Yes, I tried this and it works.
But I still would like to use something simpler.
Using only one dns service.
Think of it in djbdns terms. DJB makes the point that recursion is a
different job than authoritative name service, so he implemented them
as separate daemons: dnscache and tinydns respectively. Furthermore,
even BIND people (which I am one, sort of) will recommend keeping the
functions separate, at least with views, if not using separate
processes (or machines) altogether.

IWFM, and I'm happy with it.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
Eric S. Johansson
2006-10-23 16:56:04 UTC
Post by /dev/rob0
Think of it in djbdns terms. DJB makes the point that recursion is a
different job than authoritative name service, so he implemented them
as separate daemons: dnscache and tinydns respectively. Furthermore,
even BIND people (which I am one, sort of) will recommend keeping the
functions separate, at least with views, if not using separate
processes (or machines) altogether.
well, it would be nice to have a recursive DNS component independent of
dnsmasq because I hate counting on external servers unless there is no
other alternative. On the other hand, I am just using openDNS as my
external name servers and that certainly works fine... usually.
Post by /dev/rob0
IWFM, and I'm happy with it.
For the simplicity, dnsmasq definitely wins.
Claudio Roberto Cussuol
2006-10-23 17:07:29 UTC
Post by Eric S. Johansson
well, it would be nice to have a recursive DNS component
independent of dnsmasq because I hate counting on external servers
unless there is no other alternative.
I have this problem too.

I'm using some kind of redundant links. I have links of 2 different companies,
dns from company A doesn't work when I'm using the link of B and vice-versa....


Post by Eric S. Johansson
On the other hand, I am just using openDNS as my external name servers
and that certainly works fine... usually.
Post by /dev/rob0
IWFM, and I'm happy with it.
For the simplicity, dnsmasq definitely wins.
Of course.

I tried MaraDns as recursive and authoritative dns server and like it a lot.
My only problem now is to disable dns part of dnsmasq in order to use the port
number 53.

I will keep the first question: Is it possible to have an option to disable the
dns part of dnsmasq?

Thank you both for the answers.
Jima
2006-11-13 15:26:11 UTC
Post by Claudio Roberto Cussuol
I will keep the first question: Is it possible to have an option to
disable the dns part of dnsmasq?
That I've seen? Sort of: Just change the port dnsmasq's DNS resolver
listens on. Add, for instance:

port=54

to your dnsmasq.conf, restart, and it should bind to 54 instead of 53.
Firewall off traffic to port 54, and it's invisible.
I don't recommend this action in general; I'm just using it in one
corner case where I have 31 zones being served up on the same box as
dnsmasq. While dnsmasq is awesome for local caching, it's not designed
for serving up lots of authoritative DNS (at least, not that I've seen
:-).

Thanks to Simon for the great work, by the way.

Jima
Claudio Roberto Cussuol
2006-11-13 22:17:59 UTC
Post by Jima
That I've seen? Sort of: Just change the port dnsmasq's DNS
port=54
to your dnsmasq.conf, restart, and it should bind to 54 instead of
53. Firewall off traffic to port 54, and it's invisible.
I don't recommend this action in general; I'm just using it in one
corner case where I have 31 zones being served up on the same box
as dnsmasq. While dnsmasq is awesome for local caching, it's not
designed for serving up lots of authoritative DNS (at least, not
that I've seen :-).
Yes, that's the workaround I'm using right now. Thank you.

However, my system is very tight (a floppy based firewall and router) and it would
be better to not run anything not needed.
Post by Jima
Thanks to Simon for the great work, by the way.
Sure, dnsmasq is great.
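
Added example, not part of the thread or of the dnsmasq project: a shell check that reads a dnsmasq.conf and reports whether the DNS listener is on the default port, moved (the port=54 workaround above, which still depends on the firewall rule), or switched off. It assumes a dnsmasq release whose man page defines port=0 as disabling the DNS function entirely; the function names and sample configs are constructed for illustration.

```shell
#!/bin/sh
# Print the effective DNS port for a dnsmasq config file.
# No port= line means the default, 53. Comments and whitespace are ignored.
# Assumption: if port= appears more than once, the last one is used.
dnsmasq_dns_port() {
    awk '
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }
        /^port=[0-9]+$/ { split($0, kv, "="); port = kv[2] }
        END { print (port == "" ? 53 : port + 0) }
    ' "$1"
}

# Classify the listener: off, on the standard port, or moved elsewhere.
dnsmasq_dns_state() {
    port=$(dnsmasq_dns_port "$1")
    case "$port" in
        0)  echo "dns-disabled" ;;        # no DNS socket is opened at all
        53) echo "dns-on-53" ;;           # conflicts with another DNS daemon
        *)  echo "dns-moved:$port" ;;     # resolver still runs; firewall it
    esac
}

# True when the config still enables DHCP (at least one dhcp-range line).
dnsmasq_has_dhcp() {
    grep -Eq '^[[:space:]]*dhcp-range[[:space:]]*=' "$1"
}

# Constructed sample configs: the port=54 workaround, DNS off, and defaults.
write_samples() {
    printf 'port=54\ndhcp-range=192.168.0.50,192.168.0.150,12h\n' \
        > "$1/moved.conf"
    printf '# DHCP only\nport=0\ndhcp-range=192.168.0.50,192.168.0.150,12h\n' \
        > "$1/dhcponly.conf"
    printf 'dhcp-range=192.168.0.50,192.168.0.150,12h\n' \
        > "$1/default.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in moved dhcponly default; do
    echo "$f: $(dnsmasq_dns_state "$demo_dir/$f.conf")"
done
```

On a running host, a "dns-moved" result is worth confirming against the actual firewall rules, since the resolver is still bound to that port.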
