Use a fixed port for outbound DNS queries Listening port for DNS queries, disables DNS server functionality if set to 0 Log the results of DNS queries, dump cache on SIGUSR1, include requesting IPĭisable caching of negative “no such domain” responsesĭon't read upstream servers from /etc/nf which is linked to resolvfile by defaultīind only configured interface addresses, instead of the wildcard address. See the dnsmasq man page for available facilities. Set the facility to which dnsmasq will send syslog entries. Initially disabled, but still enabled via the default noresolv and resolvfile options. Note well the spelling of this option.Īccept DNS queries only from hosts whose address is on a local subnet, ie a subnet for which an interface exists on the server.ĭefault TTL for locally authoritative answers. Initially disabled, but still enabled in the config by default. This follows the same syntax as server entries, see the man page.Ĭhoose IP address to match the incoming interface if multiple addresses are assigned to a host name in /etc/hosts. Look up DNS entries for this domain from /etc/hosts. The syntax is: list ipset '///example_ipv4,example_ipv6' Requires the dnsmasq-full package. Note that dnsmasq listens on loopback by default. If unspecified, dnsmasq will listen to all interfaces except those listed in notinterface. Make sure it is disabled if you need to resolve SRV records or use SIP phones.ĭo not resolve unqualifed local hostnames. Specify the largest EDNS.0 UDP packet which is supported by the DNS forwarderĪdd the local domain part to names found in /etc/hostsĭo not forward requests that cannot be answered by public name servers. Caution: If you use this option on a device that doesn't have a hardware clock, dns resolution may break after a reboot of the device due to an incorrect system time. This protects against an attacker forging unsigned replies for signed DNS zones, but is slower and requires that the nameservers upstream of dnsmasq are DNSSEC-capable. Requires the dnsmasq-full package.Ĭheck the zones of unsigned replies to ensure that unsigned replies are allowed in those zones. Validate DNS replies and cache DNSSEC data. If the name is not known from /etc/hosts or DHCP then a “not found” answer is returned Tells dnsmasq never to forward queries for plain names, without dots or domain parts, to upstream nameservers. Specify an external file with per host DHCP options You can also use: “ file name, tftp server name, tftp ip address” Specifies BOOTP options, in most cases just the file name. Standard builds of dnsmasq on OpenWrt do not include DBus support. Normally, only the loopback address is used, and all queries go through dnsmasq.Įnable DBus messaging for dnsmasq. ![]() When set to 0, use each network interface's dns address in the local /etc/nf. Reject reverse lookups to private IP ranges where no corresponding entry exists in /etc/hosts IP addresses to convert into NXDOMAIN responses (to counteract “helpful” upstream DNS servers that never return NXDOMAIN). Used if this is the only server on the network ![]() Syntax in each file is the same as /etc/hostsįorce dnsmasq into authoritative mode. WAN is inferred from config dhcp sections with option ignore 1 set, so they do not need to be named WAN add_wan_fqdn available since 18.06Īdditional host files to read for serving DNS responses. Labels WAN interfaces like add_local_fqdn instead of your ISP assigned default which may be obscure. enhanced function available since 18.06 with option add_local_fqdnĪdd A, AAAA, and PTR records for this router only on DHCP served LAN. These are the default settings for the common options:ĭhcp.leasefile= '/tmp/dhcp.leases'ĭhcp.resolvfile= '/tmp//'Īdd the local domain as search directive in nf.Īdd A, AAAA, and PTR records for this router only on DHCP served LAN. See the dnsmasq man page for further details. The following table lists all available options, their default value, as well as the corresponding dnsmasq command line option. Sections of the type dnsmasq specify per dnsmasq instance the values and options relevant to the overall operation of the dnsmasq instance and the DHCP options on all interfaces served.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |