Help needed with proper router DNS settings/dnsmasq/OMV5

  • Hello all. I am in need of some guidance on how my home network should be set up for split DNS. After battling through Port 53 errors the last 2 days I now have dnsmasq running. All of the tutorials I have found say I need to edit the /etc/hosts file and add my home devices to it. When I open the file I see the following:


    # This file is auto-generated by openmediavault (https://www.openmediavault.org)
    # WARNING: Do not edit this file, your changes will get lost.
    127.0.0.1 localhost.localdomain localhost
    127.0.1.1 raspberrypi
    # The following lines are desirable for IPv6 capable hosts.
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts


    So if I can't/shouldn't edit that file then how do I go about adding all of my devices to it so they will start resolving at dnsmasq first vice my router? I also tried using:

    -H, --addn-hosts=/srv/dev-disk-by-label-HomeDrive/"config files"/dnsmasq/hosts


    But I get the following:

    dnsmasq: failed to create listening socket for port 53: Permission denied


    Right now I am completely unsure if dnsmasq is working properly and hopefully some people here have experience with it as I have about 2 weeks experience with networking.


    What I am trying to do is get my network set up to where all of my devices go through dnsmasq first and if they are trying to reach something local on the network (NAS) that they never reach out to the internet. After dnsmasq has a chance at the request then it can forward to my router. It was brought to my attention over at the Caddy server site that I have a hairpin NAT and when I request access to mydomain.duckdns.org while internal to my network I get a 403 error because it's going/coming as an external address (I hope that makes sense).


    What I was going for was to be able to access things on my network over https while internal but have some things like OMV/Portainer not accessible at all externally.


    To be honest I am not sure what I'm really doing. I just started learning about DNS and IP routing so please bear with me while some of this seems elementary.


    Here are the relevant sections of my dnsmasq.conf that the tutorial I used had me change:


    # Never forward plain names (without a dot or domain part)
    domain-needed
    # Never forward addresses in the non-routed address spaces.
    bogus-priv
    # If you don't want dnsmasq to read /etc/resolv.conf or any other
    # file, getting its servers from this file instead (see below), then
    # uncomment this.
    no-resolv
    # Add other name servers here, with domain specs if they are for
    # non-public domains.
    server=1.1.1.1
    server=1.0.0.1
    # Set the cachesize here.
    cache-size=1000


    The part I can't do is change the hosts file because it's controlled by OMV5.


    System:

    Raspberry Pi 4 4GB (Raspbian Buster Lite)

    OMV5

    Portainer

    Caddy Server

    dnsmasq

    Some hard drives

    Orbi router. DNS change to 192.168.1.29 (P) (My Pi's IP), 1.1.1.1 (S), 1.0.0.1 (T)


    Hopefully someone here can help! Thanks in advance!

  • For the port 53 issue I ran:


    sudo killall -9 dnsmasq


    Then you can check with a variant of netstat or systemctl to see if it's dead.


    As far as the hosts file goes I created a new one called "hosts2" and saved it to my config folder on my external drive (doesn't matter where you save it). Here is mine:


    Code
    # hosts This file describes a number of hostname-to-address
    # mappings for the TCP/IP subsystem. It is mostly
    # used at boot time, when no name servers are running.
    # On small systems, this file can be used instead of a
    # "named" name server.
    # Syntax:
    # # IP-Address Full-Qualified-Hostname Short-Hostname
    #
    192.168.1.29 mydomain.duckdns.org. jellyfin.mydomain.duckdns.org. omv.mydomain.duckdns.org. nas.mydomain.duckdns.org
    # special IPv6 addresses

    Since I wanted all of those sub-subdomains to also resolve internally I added them to the same line as my Pi's IP.


    Then you'll need to add an additional hosts file to the /etc/dnsmasq.conf file. Inside that file scroll to the below section and add the line addn-hosts=/srv/dev-disk-by-label-HomeDrive/"config files"/dnsmasq/hosts2:


    Code
    # If you don't want dnsmasq to read /etc/hosts, uncomment the
    # following line.
    #no-hosts
    # or if you want it to read another file, as well as /etc/hosts, use
    # this.
    addn-hosts=/srv/dev-disk-by-label-HomeDrive/"config files"/dnsmasq/hosts2

    Make sure you change the file path to wherever you saved your file. Also if you use nano to edit you can use ctrl+w and just search for a key word to get there. Once you've added the second hosts file save the dnsmasq.conf and exit. Kill dnsmasq if it was running and then start it back up.


    The last step for me was to point my router at my Raspberry Pi for DNS. I can set up to 3 DNS's in my router so I set the Primary to 192.168.1.29 which is my Pi. Now all traffic internal to my network will get resolved through dnsmasq first.


    I hope that helps a bit.
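
Added example, not part of the post above: a shell check for an additional hosts file like hosts2, confirming that every split-DNS override points at a private (RFC 1918) address and that no name is listed with two different addresses. The function name `lint_hosts` and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# lint_hosts FILE
# Prints one line per name in a hosts-format file:
#   OK name ip      override points at a private LAN address
#   WARN name ip reason
lint_hosts() {
    awk '
    # True when ip is a dotted quad inside 10/8, 172.16/12 or 192.168/16.
    function private(ip,   o, i) {
        if (split(ip, o, ".") != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] > 255) return 0
        return (o[1] == 10) || (o[1] == 192 && o[2] == 168) ||
               (o[1] == 172 && o[2] >= 16 && o[2] <= 31)
    }
    { sub(/#.*/, "") }      # drop comments
    NF < 2   { next }       # blank line or address with no names
    $1 ~ /:/ { next }       # IPv6 entries are out of scope for this check
    {
        for (n = 2; n <= NF; n++) {
            name = tolower($n)
            sub(/\.$/, "", name)    # compare names without a trailing dot
            if (!private($1))
                print "WARN", name, $1, "not-private"
            else if (name in seen && seen[name] != $1)
                print "WARN", name, $1, "conflicts-with-" seen[name]
            else
                print "OK", name, $1
            seen[name] = $1
        }
    }' "$1"
}

# Constructed sample: the override line from the post plus two bad entries.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed test data
192.168.1.29 mydomain.duckdns.org. omv.mydomain.duckdns.org. nas.mydomain.duckdns.org
203.0.113.7 jellyfin.mydomain.duckdns.org
192.168.1.30 omv.mydomain.duckdns.org
EOF
lint_hosts "$sample"
rm -f "$sample"
```

After restarting dnsmasq, `dig +short omv.mydomain.duckdns.org @192.168.1.29` should return the same LAN address the file lists for that name.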
