Reputation: 749
Make dnsmasq NOT server the local server?
Is there a way to configure dnsmasq so that it only serves DNS requests from remote systems? What I want is that ('internet' means outside my network):
- Any DNS request from a program on the
dnsmasqmachine just uses the internet DNS servers and ignoresdnsmasq - A DNS request from a remote system directed to the
dnsmasqmachine receives a response fromdnsmasq, which could be a locally configured response or one thatdnsmasqhas relayed on to the internet DNS servers - Optionally restrict the IP addresses of remote servers permitted to query the
dnsmasqsystem.
FYI my use case is needing to patch/respond locally to requests from an embedded system to add resilience with a remote server is down; I can't change the queried hostname so I want to be able to locally spoof the IP address, but only affecting specific queries from this embedded system which I've manually directed to my local dnsmasq server.
Upvotes: 0
Views: 603
Answers (1)
Reputation: 749
After much digging, I stumbled across the answer. The magic incantation required to achieve this is:
$ echo DNSMASQ_EXCEPT=lo | sudo tee --append /etc/default/dnsmasq
$ sudo systemctl restart dnsmasq
Look up DNSMASQ_EXCEPT for details but basically this stops dnsmasq providing DNS services to the lo interface.
Upvotes: 1
Related Questions
- Is there a way to use DNSMasq and BIND on the same computer?
- dnsmasq tags and conditional dns server
- dnsmasq - forwarding local dns queries
- How do I prevent dnsmasq from appending my domain name to invalid domain requests?
- How to route only local addresses using dnsmasq
- Dnsmasq not working domain .local
- dnsmasq only working on local machine
- How to configure DNSmasq to resolve an address always giving the current public ip on a specific network
- dnsmasq config being bypassed
- dnsmasq & multiple addresses