1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Separate DNS per interface

Discussion in 'Tomato Firmware' started by krux01, Jul 31, 2014.

  1. krux01

    krux01 LI Guru Member

    I have tomato setup with 2 vlans a local and a guest vlan.
    I have dnsmasq serving dhcp to each network (completely separate subnets 10.0.1.x & 172.16.1.x).
    When I'm on the guest network I can't ping or connect to known hosts on the other
    network. But I can learn their IP addresses. Because dnsmasq is
    managing both networks, it will happily tell members of the guest
    network the ip address of hosts on the home network and local members ip addresses of the guests.
    I'm not too worried about it, since the firewall prevents any contact, but it just seems unclean. Is there a way to run 2 separate instances of dnsmasq to separpate the DNS lookups? Or can bind be installed and used on tomato?
  2. koitsu

    koitsu Network Guru Member

    ISC BIND is available on TomatoUSB through Entware. I use it myself. But remember: dnsmasq is also your LAN's DHCP server, so if you want to use named instead you'd best ensure that there's no conflict (specifically for TCP/UDP port 53). To disable the DNS functionality in dnsmasq, use --port=0 when it starts (or possibly add that to the custom config, or through some other means).
  3. krux01

    krux01 LI Guru Member

    Thanks. I will check it out. I run Shibby's build but I assume it is available as well.
    Will this disable seeing computer names in the web interface? I ask because I almost had 2 instances of dnsmasq running successfully but the computers names were missing in the web interface I could not figure out how to get them back.
  4. koitsu

    koitsu Network Guru Member

    I'm not sure. In the Device List, the "Name" field I believe comes from what the DHCP client submit as its name when requesting an IP address (requires you be running dnsmasq). I don't run dnsmasq for DHCP capability (I use a FreeBSD box running ISC DHCPD), so I've never used that feature of TomatoUSB. But in my setup, I do not get the "Name" field filled out in the Device List, and I believe that's correct behaviour.

    Maybe someone else can answer more definitively.

Share This Page