Hello all. I am in need of some guidance on how my home network should be set up for split DNS. After battling through Port 53 errors the last 2 days, I now have dnsmasq running. All of the tutorials I have found say I need to edit the /etc/hosts file and add my home devices to it. When I open the file I see the following:
# This file is auto-generated by openmediavault (https://www.openmediavault.org)
# WARNING: Do not edit this file, your changes will get lost.
127.0.0.1 localhost.localdomain localhost
127.0.1.1 raspberrypi
# The following lines are desirable for IPv6 capable hosts.
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
So if I can't/shouldn't edit that file then how do I go about adding all of my devices to it so they will start resolving at dnsmasq first vice my router? I also tried using:
-H, --addn-hosts=/srv/dev-disk-by-label-HomeDrive/"config files"/dnsmasq/hosts
But I get the following:
dnsmasq: failed to create listening socket for port 53: Permission denied
Right now I am completely unsure if dnsmasq is working properly, and hopefully some people here have experience with it, as I have about 2 weeks' experience with networking.
What I am trying to do is get my network set up to where all of my devices go through dnsmasq first and if they are trying to reach something local on the network (NAS) that they never reach out to the internet. After dnsmasq has a chance at the request then it can forward to my router. It was brought to my attention over at the Caddy server site that I have a hairpin NAT and when I request access to mydomain.duckdns.org while internal to my network I get a 403 error because it's going/coming as an external address (I hope that makes sense).
What I was going for was to be able to access things on my network over https while internal but have some things like OMV/Portainer not accessible at all externally.
To be honest I am not sure what I'm really doing. I just started learning about DNS and IP routing so please bear with me while some of this seems elementary.
Here are the relevant sections of my dnsmasq.conf that the tutorial I used had me change:
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# If you don't want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers from this file instead (see below), then
# uncomment this.
no-resolv
# Add other name servers here, with domain specs if they are for
# non-public domains.
server=1.1.1.1
server=1.0.0.1
# Set the cachesize here.
cache-size=1000
The part I can't do is change the hosts file because it's controlled by OMV5.
System:
Raspberry Pi 4 4GB (Raspbian Buster Lite)
OMV5
Portainer
Caddy Server
dnsmasq
Some hard drives
Orbi router. DNS change to 192.168.1.29 (P) (My Pi's IP), 1.1.1.1 (S), 1.0.0.1 (T)
Hopefully someone here can help! Thanks in advance!