Aller au contenu

« Dnsmasq » : différence entre les versions

De Banane Atomic
← Modification précédente
 
(21 versions intermédiaires par le même utilisateur non affichées)
Ligne 22 : Ligne 22 :
address=/mon-domaine.fr/192.168.0.10
address=/mon-domaine.fr/192.168.0.10


# ignorer /etc/resolv.conf car il contient uniquement localhost
# ignore /etc/resolv.conf if there is only localhost
no-resolv
no-resolv
# ignore /etc/hosts if there is only localhost
no-hosts
# Upstream DNS server addresses (serveur DNS de la box)
# Upstream DNS server addresses (serveur DNS de la box)
server=192.168.0.x
server=192.168.0.x
Ligne 43 : Ligne 45 :
</filebox>
</filebox>
{{info | Après une modification, il faut redémarrer le service {{boxx|dnsmasq}}}}
{{info | Après une modification, il faut redémarrer le service {{boxx|dnsmasq}}}}
== NetworkManager ==
Restart of {{boxx|NetworkManager}} overwrite the {{boxx|/etc/resolv.conf}} file.
<filebox fn='/etc/NetworkManager/NetworkManager.conf' lang=ini>
[main]
# add the following line to avoid NetworkManager to change the resolv.conf file
dns=none
</filebox>


== DHCPCD ==
== DHCPCD ==
Ligne 84 : Ligne 94 :


systemctl start dnsmasq
systemctl start dnsmasq
# restart the client to get a new ip adress
sc-restart dhcpcd@eth0
</kode>
</kode>


Ligne 108 : Ligne 121 :
= Firewall =
= Firewall =
<kode lang='bash'>
<kode lang='bash'>
sudo ufw allow 67,68/udp comment 'dhcp udp ports 67,68'
# allow incoming communication on port 53 with protocol tcp and udp
sudo ufw allow 53 comment 'DNS tcp/udp port 53'
 
sudo ufw allow 67,68/udp comment 'DHCP udp ports 67,68'
</kode>
</kode>
* [[Ufw#Applications_custom|UFW DNSmasq application]]


= log =
= log =
Ligne 121 : Ligne 138 :


= Erreurs =
= Erreurs =
== Temporary failure in name resolution ==
=== cron reboot ===
<filebox fn='crontab' lang='bash'>
# restart dnsmasq 60 seconds after reboot
@reboot sleep 60 && systemctl restart dnsmasq
</filebox>
=== [https://askubuntu.com/questions/536787/dnsmasq-starting-before-eth0-is-ready-and-therefore-not-binding dnsmasq.service] ===
* [https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1531184 bug]
Dnsmasq fails to respond on network devices that weren't up when its service started, thus not binding as expected.<br>
Fix: delay startup until after the network is online.
<filebox fn='/lib/systemd/system/dnsmasq.service' lang='ini'>
[Unit]
#Requires=network.target
#After=network.target
Requires=network-online.target
After=network-online.target
</filebox>
== failed to create listening socket for port 53: Address already in use ==
== failed to create listening socket for port 53: Address already in use ==
Un autre programme utilise déjà le port 53.
Un autre programme utilise déjà le port 53.
Ligne 129 : Ligne 165 :
</kode>
</kode>


=== [https://computingforgeeks.com/install-and-configure-dnsmasq-on-ubuntu-18-04-lts/ Arrêter systemd-resolved (Ubuntu 18.04)] ===
<kode lang='bash'>
sc-stop systemd-resolved
sc-disable systemd-resolved
# supprimer le lien symbolique /etc/resolv.conf
ls -lh /etc/resolv.conf
# /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
sudo rm /etc/resolv.conf
</kode>
<filebox fn='/etc/resolv.conf'>
nameserver 127.0.0.1
</filebox>
=== Modifier resolved.conf ===
<filebox fn='/etc/systemd/resolved.conf' lang='ini'>
<filebox fn='/etc/systemd/resolved.conf' lang='ini'>
[Resolve]
[Resolve]

Dernière version du 10 août 2023 à 20:37

Liens

Installation

sudo pacman dnsmasq

Configuration DNS

/etc/dnsmasq.conf 
# ip du serveur
listen-address=::1, 127.0.0.1, 192.168.0.x

# définit la route par défaut si ce n'est pas celle du serveur dnsmasq
dhcp-option=option:router,192.168.0.y

# Associer un domaine à une adresse IP
address=/mon-domaine.fr/192.168.0.10

# ignore /etc/resolv.conf if there is only localhost
no-resolv
# ignore /etc/hosts if there is only localhost
no-hosts
# Upstream DNS server addresses (serveur DNS de la box)
server=192.168.0.x
/etc/resolv.conf 
nameserver ::1
nameserver 127.0.0.1
/etc/hosts 
#<ip-address>	<hostname.domain.org>   <hostname>
127.0.0.1                               localhost
::1                                     localhost

192.168.0.x     mabox
192.168.0.y     site1.domaine.net site2.domaine.net
192.168.0.z     site3 site4
Après une modification, il faut redémarrer le service dnsmasq

NetworkManager

Restart of NetworkManager overwrite the /etc/resolv.conf file.

/etc/NetworkManager/NetworkManager.conf 
[main]
# add the following line to avoid NetworkManager to change the resolv.conf file
dns=none

DHCPCD

/etc/dhcpcd.conf 
# dhcpcd, unfortunately, tends to overwrite /etc/resolv.conf by default,
# so if you use DHCP it is a good idea to protect /etc/resolv.conf. 
nohook resolv.conf

Configuration DHCP

/etc/dnsmasq.conf 
interface=eth0
bind-interfaces

# allouer dynamique les ip 192.168.0.50 à 192.168.0.150
dhcp-range=192.168.0.50,192.168.0.150,12h
# pas d'allocations dynamique, seul les allocations statiques sont autorisées
dhcp-range=192.168.0.0,static

# Baux DHCP statiques
# donne un nom et une ip à l'adresse MAC correspondante
dhcp-host=xx:xx:xx:xx:xx:xx,Nom,192.168.x.x,infinite
# donne une ip à la machine dont le nom correspond
dhcp-host=Nom,192.168.x.x,infinite

# si unique serveur DHCP
dhcp-authoritative

Afficher les baux dhcp en cours

cat /var/lib/misc/dnsmasq.leases

Mettre fin à un bail

systemctl stop dnsmasq

# supprimer la ligne correspondant au bail
nano /var/lib/misc/dnsmasq.leases

systemctl start dnsmasq

# restart the client to get a new ip adress
sc-restart dhcpcd@eth0

VPN

/etc/dnsmasq.conf 
interface=eth0
# ajouter l'interface tun
interface=tun0

# ajouter l'ip du serveur sur le réseau VPN
listen-address=127.0.0.1, 10.8.0.1

bind-interfaces

failed to create listening socket for 10.8.0.1: Cannot assign requested address

Dnsmasq démarre avant qu'OpenVPN n'ai eu le temp d'enregistrer l'ip 10.8.0.1
Étendre la configuration du service dnsmasq sans écraser la configuration par défaut: /usr/lib/systemd/system/dnsmasq.service

/etc/systemd/system/dnsmasq.service.d/openvpn.conf 
[Unit]
After=openvpn@server.service

Firewall

# allow incoming communication on port 53 with protocol tcp and udp
sudo ufw allow 53 comment 'DNS tcp/udp port 53'

sudo ufw allow 67,68/udp comment 'DHCP udp ports 67,68'

log

/var/log/messages.log

/etc/dnsmasq.conf 
# For debugging purposes, log each DNS query as it passes through dnsmasq.
log-queries
# Log lots of extra information about DHCP transactions.
log-dhcp

Erreurs

Temporary failure in name resolution

cron reboot

crontab 
# restart dnsmasq 60 seconds after reboot
@reboot sleep 60 && systemctl restart dnsmasq

dnsmasq.service

Dnsmasq fails to respond on network devices that weren't up when its service started, thus not binding as expected.
Fix: delay startup until after the network is online.

/lib/systemd/system/dnsmasq.service 
[Unit]
#Requires=network.target
#After=network.target
Requires=network-online.target
After=network-online.target

failed to create listening socket for port 53: Address already in use

Un autre programme utilise déjà le port 53. 

sudo netstat -peanut | grep :53
# tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      102        16584      2147/systemd-resolv 
# udp        0      0 127.0.0.53:53           0.0.0.0:*                           102        16583      2147/systemd-resolv

Arrêter systemd-resolved (Ubuntu 18.04)

sc-stop systemd-resolved
sc-disable systemd-resolved

# supprimer le lien symbolique /etc/resolv.conf
ls -lh /etc/resolv.conf
# /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
sudo rm /etc/resolv.conf
/etc/resolv.conf 
nameserver 127.0.0.1

Modifier resolved.conf

/etc/systemd/resolved.conf 
[Resolve]
DNS=127.0.0.1
DNSStubListener=no
/etc/resolv.conf 
nameserver  127.0.0.1
sc-restart systemd-resolved
sc-start dnsmasq

Ne fonctionne pas avec Android

Android fait des requêtes DNS IPv6 et n'utilise donc pas DNSmasq.
Utiliser une application de changement d'adresse DNS.

Il semble que désactiver les IPv6 sur le routeur ait résolu le problème.
Récupérée de « http://wiki.bananeatomic.fr/index.php?title=Dnsmasq&oldid=29056 »