DNS issues

Discussion in 'Sveasoft Firmware' started by lukaszd, Feb 8, 2005.

  1. lukaszd

    lukaszd Network Guru Member

    Hello all,

    My ISP hides us behind a gateway and hands out 192.168.x.x addresses (1 per customer). Now, I have a mini-network of my own, of which the central point is a Satori-flashed WRT54Gv2, seen from outside as WRT gives out 10.0.0.x addresses to my three computers and is seen by them as (hostname: wrt). The ISP has created a 'virtual domain', say: .theisp, and provides DNS for other machines within the LAN (with fixed names like comp001-101.theisp). I would like to set up a virtual domain for my internal network myself and have the dns daemon on WRT:

    - provide dns for .mydomain machines, including returning for wrt.mydomain
    - forward dns requests for .theisp and WAN requests to the isp-provided dns server

    I hope that's clear - but is it possible to achieve with Satori?

    Any help appreciated!

  2. lukaszd

    lukaszd Network Guru Member

    Re: DNS issues - solved!

    Hi again,

    I thought somebody might like to read how I solved the problem. Well, I did some reading on dnsmasq and discovered to my honest surprise that it also provides DHCP services! Once I learned how to configure it, the rest was easy:

    1. Disabled "DNS Masq" and "DHCPD" in the Administration->Management tab (GUI)
    2. Just in case, disabled "DHCP Server" in Setup->Basic Setup

    3. Prepared my hosts file:
    $ nvram set hosts="blue
    $ nvram commit
    4. Prepared dnsmasq.conf:
    $ cat >dnsmasq.conf
    $ nvram set dnsmasq_conf="$(cat dnsmasq.conf)"
    $ nvram commit
    I decided to use a resolv-file to handle any DNS server changes by my ISP. I populate it just before starting dnsmasq (see below). As you can also see the idea here was to assign IPs via the hosts file and not to do any static MAC->IP assignments - just because from each box I sometimes connect wireless and sometimes wired and it's nice to get the same IP in both cases.

    5. Prepared a start_dns script:
    $ cat >start_dns.sh
    # let's wait until everything that must start, starts
    /bin/sleep 5 
    # kill dnsmasq if running
    DNS="$(/bin/ps | /bin/grep dnsmas[q] | /usr/bin/tr -d ' ' | /usr/bin/cut -f1 -dr)"
    [ "$DNS" != "" ] && kill $DNS
    # kill udhcpd if running
    DHCPD="$(/bin/ps | /bin/grep udhcp[d] | /usr/bin/tr -d ' ' | /usr/bin/cut -f1 -dr)"
    [ "$DHCPD" != "" ] && kill $DHCPD
    #add own IP (whatever it currently is) to resolv.conf
    /bin/echo nameserver "$(/usr/sbin/nvram get lan_ipaddr)" >/tmp/resolv.conf
    # add ISP's DNS (whatever it currently is) to resolv.conf
    /bin/echo nameserver "$(/usr/sbin/nvram get wan_dns)" >>/tmp/resolv.conf
    # overwrite dnsmasq.conf
    /usr/sbin/nvram get dnsmasq_conf >/tmp/dnsmasq.conf
    # start dnsmasq - the ultimate DNS and DHCP solution :P
    /usr/sbin/dnsmasq --conf-file /tmp/dnsmasq.conf
    $ nvram set start_dns="$(cat start_dns.sh)"
    $ nvram commit
    6. Finally, added this to rc_startup:
    # get hosts
    /usr/sbin/nvram get hosts >/tmp/hosts
    # get start_dns.sh
    /usr/sbin/nvram get start_dns >/tmp/start_dns.sh
    /bin/chmod +x /tmp/start_dns.sh
    # run!
    /tmp/start_dns.sh &
    And it works!

    Sorry if it was obvious - but I feel so good I wanted to share :D

    If you care to comment or to point out any vulnerabilities/drawbacks/other issues concerning this approach - by all means do!
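
Added example, not part of lukaszd's post: step 5 writes the whole `wan_dns` value after a single `nameserver` keyword, so an empty value leaves a bare `nameserver` line and a value holding several addresses puts them all on one line. The sketch below assumes `wan_dns` may hold zero, one or several space-separated IPv4 addresses; `is_ipv4` and `build_resolv` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the thread). Helper names are hypothetical.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_resolv "LIST": print one "nameserver" line per valid address in a
# space-separated list; empty or malformed entries are dropped.
build_resolv() {
    set -f               # no filename expansion while splitting the list
    for server in $1; do
        if is_ipv4 "$server"; then
            echo "nameserver $server"
        fi
    done
    set +f
}

# Intended use on the router (assumes wan_dns is space-separated):
#   build_resolv "$(/usr/sbin/nvram get wan_dns)" >>/tmp/resolv.conf
```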

  3. walakee

    walakee Network Guru Member

    Dear Lukaszd,

    Many thanks for this! Great stuff! It helped me a lot! The only thing I couldn't get to work was to make the bastard resolve my local host names. Here is what dnsmasq shows in --no-daemon mode....

    • dnsmasq: started, version 2.6 cachesize 150
      dnsmasq: DHCP, IP range --, lease time 43200s
      dnsmasq: failed to drop root privs
      dnsmasq: read /etc/hosts - 13 addresses
      dnsmasq: reading /tmp/resolv.conf
      dnsmasq: using nameserver
      dnsmasq: using nameserver

    As you can see it reads the hosts file, and finds 13 entries. Now, whenever I try to do an nslookup from one of the XP clients I get...

    • C:\>nslookup
      Default Server: linksys

      > brian
      Server: linksys

      *** linksys can't find brian: Non-existent domain

    Here is what the relevant part of my hosts file looks like...

    • linksys eagle brad brian tornado

    Any help would be appreciated.

    Many thanks in advance,
  4. lukaszd

    lukaszd Network Guru Member

    Could you post your dnsmasq.conf?
  5. walakee

    walakee Network Guru Member

    Thanks for the quick reply. Please find my dnsmasq.conf file further below. Meanwhile I figured that (as you could see above), 'brian' can not be resolved, however 'brian.' can.

    • interface=br0
      # Never forward plain names (with a dot or domain part)
      # Never forward addresses in the non-routed address spaces.
      # Uncomment this to filter useless windows-originated DNS requests


  6. walakee

    walakee Network Guru Member

    Solution found!!!

    As I found out after a while, the problem was not with DNSMasq at all, but my Windows DNS settings at...

    My Network Connections (Right Mouse Button) -> Properties
    Local Area Connection (Right Mouse Button) -> Properties
    TCP/IP -> Properties -> Advanced... -> DNS tab

    The 'Append these DNS suffixes' was selected, and a stupid suffix was added to the list.

    Now I changed the setting to 'Append primary and connection specific DNS suffixes', and I double-checked that at...

    My Computer (Right Mouse Button) -> Properties ->
    Computer Name tab -> Change... -> More... ->
    'Primary DNS suffix of this computer' field is empty, and voila: everything works fine now!

    I thought I'd write this down, so it may help others, like lukaszd's description helped me.

    PS: The stupid suffix in the list was 'internet.vodafone.net' and was put in there by the 'Vodafone Connect Me' software I think.
  7. walakee

    walakee Network Guru Member

    DNSMasq dying

    DNSMasq keeps on dying on my Linksys router. :( Please let me know if anyone else has this problem. :? I'm using Satori v4_0 v2_07_1_7sv firmware with tinyPEAP.

    As a workaround I wrote a little script and put it into crontab to check if dnsmasq is still there, and start it if not. Please find it below...

    cat >check_dns.sh
    #checking if dnsmasq is in the process list, if it is
    #we quit, if it isn't we start it
    STATUS=`ps | grep dnsmasq | wc -l`
    if [ $STATUS = "2" ]
    nvram set check_dns="$(cat check_dns.sh)" 
    Here is the crontab entry...

    nvram set crontab="* * * * * /tmp/check_dns.sh"
    ...and the lines added to lukaszd's rc_startup file...

    # Script checking if dnsmasq died
    /usr/sbin/nvram get check_dns >/tmp/check_dns.sh
    /bin/chmod +x /tmp/check_dns.sh
    # Cron job to restart DNSMasq periodically
    /usr/sbin/nvram get crontab >/var/spool/cron/crontabs/root 
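
Added example, not walakee's script: the same watchdog idea built on a pid file instead of counting `ps | grep` lines, since that count also includes the `grep` process and shifts whenever another command line mentions dnsmasq. It assumes dnsmasq writes its PID to `/var/run/dnsmasq.pid` (its `--pid-file` option selects the path) and that a restart goes through lukaszd's `/tmp/start_dns.sh`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). PIDFILE and START_CMD are assumptions.
PIDFILE=${PIDFILE:-/var/run/dnsmasq.pid}
START_CMD=${START_CMD:-/tmp/start_dns.sh}

# pid_from_file FILE: print the PID stored in FILE, but only if the first
# line is purely numeric. A missing, empty or corrupted file is an error.
pid_from_file() {
    [ -r "$1" ] || return 1
    read -r pid < "$1" || [ -n "$pid" ] || return 1
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;
    esac
    echo "$pid"
}

# is_running FILE: succeed only if FILE names a live process.
# kill -0 sends no signal; it only checks that the PID exists. It cannot
# tell whether that PID still belongs to dnsmasq after PID reuse.
is_running() {
    pid=$(pid_from_file "$1") || return 1
    kill -0 "$pid" 2>/dev/null
}

# check_dns: print the decision and start the service when it is down.
check_dns() {
    if is_running "$PIDFILE"; then
        echo running
    else
        echo restarting
        "$START_CMD" >/dev/null 2>&1 &
    fi
}

# As a cron job, the script would end with a call to: check_dns
```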