Name Resolution on multi-homed networks using dnsmasq?

martinprowe · May 11, 2011, 4:01pm

Hi,

I have a DNS server (dnsmasq v2.55) at the center of three subnets: x.y.1.0/24, x.y.2.0/24 & x.y.3.0/24.

dnsmasq does a grand job of issuing a suitable DNS server address with the DHCP option 6.
So, machines on subnet x.y.3.0/24 are told that the DNS server is x.y.3.2,
machines on subnet x.y.2.0/24 are told that the DNS server is x.y.2.2 and
machines on subnet x.y.1.0/24 are told that the DNS server is at x.y.1.2.
Even though the DNS server is the same box (although with three nics).

Now the question is:
How do I make dnsmasq respond similarly to name resolution requests? So that when:
Machines from x.y.3.0/24, ping <name of DNS server> dnsmasq returns x.y.3.2,
Machines from x.y.2.0/24, ping <name of DNS server> dnsmasq returns x.y.2.2, and
Machines from x.y.1.0/24, ping <name of DNS server> dnsmasq returns x.y.1.2.

Currently, the DNS server returns the IP address that is assigned in /etc/host.
Which, of course can be changed, but via that mechanism, will always be wrong two out of three cases.

Regards, Martin

ken_yap · May 11, 2011, 5:03pm

What you are asking for is called split horizon and AFAIK, it is not supported by dnsmasq.

Comparison of DNS server software - Wikipedia, the free encyclopedia

You could run 3 instances of dnsmasq. I assume each can be told to bind to only one IP address.

martinprowe · May 11, 2011, 6:38pm

Thank you Ken,

I feared as much. Any thoughts of dealing with it at the client end? If I know that the DNS server IP (as provided by DHCP) is the IP address for the DNS Server hostname.

You could run 3 instances of dnsmasq. I assume each can be told to bind to only one IP address.

Sounds messy…

Regards,

ken_yap · May 12, 2011, 3:58am

You could give different domain names to the three IP addresses that dnsmasq presents.

martinprowe · May 12, 2011, 8:27am

Hi Ken,

Thank you. Yes, I did try that for a while. What I found though, was that it was causing me confusion in scripts. Nothing major, but again - messy!

What I am currently doing is getting dnsmasq to send all three IP addresses and leaving it up to the client to sort it out. So far the best I have been able to come up with.

Regards, and once again thank-you, Martin