# Setup DNSmasq DNS Server ?

## cowboy0629

Hi All, I'm back again...

eccerr0r was a great help with my last problem.. but now I'm hoping someone can help me out with simplifying my local network a little better...

I have a Gentoo/home router made approx 1 year ago from the wiki here.. and I am using DNSmasq to provide my dhcp clients their address ..  

quick overview of network

BELL DSL MODEM --> GENTOO ROUTER / APACHE SERVER --> MY NETWORK

My network is made up of Multiple Gentoo Linux machines / iMACs / WINDOWS / etc

I would like to get DNSmasq to provide HOSTS files to all my machines so I don't have to set up hosts files on each of my machines

can someone help me with this as I have tried many times to set up a DNS server (I think this is what I want to do) but have never had any luck getting a DNS server to actually work.

thanks in advance

Last edited by cowboy0629 on Mon Feb 27, 2017 11:54 pm; edited 2 times in total

----------

## John R. Graham

Take a look at the Wiki article first. Let us know what you don't understand.

- John

----------

## cowboy0629

DNS has always been my downfall. I usually manually point my machines to 8.8.8.8 8.8.4.4

So I should make 

Gentoo Router

```
/etc/resolv.conf
NAMESERVER=8.8.8.8
NAMESERVER=8.8.4.4
```

rest of computers on network

```
/etc/resolv.conf
#LOCAL NETWORK
NAMESERVER=192.168.0.1
#AWAY FROM HOME (LAPTOP)
NAMESERVER=8.8.8.8
NAMESERVER=8.8.4.4
```

then this should make the computers look at the Gentoo Router first to get DNS information if I am connected to the local network, then if I am not on the local network it will try the google dns servers..

So if connected to the local network, DNSmasq should use the /etc/hosts file to connect to local network stuff and then if it can't find the information in the /etc/hosts file it will then use the /etc/resolv.conf and send information thru google name servers... is this correct?

I tend to overthink the problem and make it harder than it is.. But being new to the world of Linux I get confused .. I'm pretty sure I have done the top and I either can't get to the outside network or the local stuff still doesn't work.... I am going to post my host file in the next post... maybe I am doing something wrong in there

and do I delete my host files off of the local machines to make the computers use my gentoo router's host file?

----------

## cowboy0629

Here is the Hostfile on my gentoo router (GW1 -- GENTOO ROUTER is HEADLESS all work on this machine is done thru SSH)

```
/etc/hosts
# /etc/hosts: Local Host Database
#
# This file describes a number of aliases-to-address mappings for the for
# local hosts that share this file.
#
# In the presence of the domain name service or NIS, this file may not be
# consulted at all; see /etc/host.conf for the resolution order.
#
# IPv4 and IPv6 localhost aliases
127.0.0.1       GW1.mike-net GW1 localhost
::1             GW1 localhost6.localdomain6 localhost6
# Local Systems On Network
192.168.0.100   imac.mike-net           imac
192.168.0.200   DT0.mike-net            dt0
192.168.0.101   GW2.mike-net            gw2
192.168.0.110   PI1.mike-net            pi1
192.168.0.111   PI2.mike-net            pi2
192.168.0.106   acer.mike-net           acer
# For Apache virtual hosting:
127.0.0.1       localhost       cowboy0629.ddns.net
127.0.0.1       localhost       needfulthings.ddns.net
#
# Imaginary network.
#10.0.0.2               myname
#10.0.0.3               myfriend
#
# According to RFC 1918, you can use the following IP networks for private
# nets which will never be connected to the Internet:
#
#       10.0.0.0        -   10.255.255.255
#       172.16.0.0      -   172.31.255.255
#       192.168.0.0     -   192.168.255.255
#
# In case you want to be able to connect directly to the Internet (i.e. not
# behind a NAT, ADSL router, etc...), you need real official assigned
# numbers.  Do not try to invent your own network numbers but instead get one
# from your network provider (if any) or from your regional registry (ARIN,
# APNIC, LACNIC, RIPE NCC, or AfriNIC.)
#
```

Now I'm pretty sure I have done this part wrong so if someone could tell me what it should actually look like

```
# IPv4 and IPv6 localhost aliases
127.0.0.1       GW1.mike-net GW1 localhost
::1             GW1 localhost6.localdomain6 localhost6
```

I would like to get IPv6 working as well but one problem at a time... because I don't know anything at all about IPv6 except the IPv6 IP address looks more like a MAC address

So would I add 

```
/etc/hosts
# For Apache virtual hosting:
127.0.0.1       localhost       cowboy0629.ddns.net       <--/
127.0.0.1       localhost       needfulthings.ddns.net       <--\ if I take these two lines out my virtual hosting does not work to the outside world
## ADD LINES BELOW
192.168.0.1     cowboy0629.ddns.net
192.168.0.1     needfulthings.ddns.net
```

If I add the above to the host files of the client machine it works while I'm at home, but then when I leave the house I have to delete those lines from the client machine to view sites over the internet. This is why I want my machine to provide a local dns, so when I come home with a laptop it will see my websites so I can work on them and test... and then when I leave home I can see them without having to edit the host file all the time on my laptop

----------

## nativemad

Hey Cowboy0629

First off: Normally the dhcp server tells the clients which DNS servers to use! It is possible that the google servers aren't reachable in a network with local resolvers in place.....

Dnsmasq is first of all a DNS server and if you enable its dhcp features it will promote itself as DNS server to its dhcp clients.

Dnsmasq reads the /etc/hosts on the machine where it is running and distributes these entries! So if you place the ddns name there pointing to localhost, then your clients will not reach your sites with that name - as they are not running on localhost (the client)! You will need to solve that somehow! 

I guess it should be enough if you just use the ddns hostnames on the internal ip of the router in your hosts.

If you use the dns settings provided by the dhcp server you also don't have to change your hosts file on the clients if you leave the house.....

HTH

----------

## cboldt

```
dhcp-host=MAC_ID,involute,192.168.0.2        # Gigabyte F2A88XM-D3H
dhcp-host=MAC_ID,hypoid-2,192.168.0.3        # Thinkpad T420 wireless
dhcp-host=MAC_ID,catenary,192.168.0.4        # Samsung Tablet
dhcp-host=MAC_ID,joy-phone,192.168.0.5       # Joy Samsung S5 phone
dhcp-host=MAC_ID,router,192.168.0.10         # ASUS RT-AC66W (router)
host-record=router,router.curvate.net,192.168.0.10
dhcp-host=MAC_ID,cia-secure,192.168.0.31     # ASUS RT-N66U (access point)
cname=mail.curvate.net,hypoid
cname=smtp.curvate.net,hypoid
cname=gentoo,hypoid
cname=gentoo.curvate.net,hypoid
cname=server,hypoid
cname=server.curvate.net,hypoid
cname=rlogger,hypoid
cname=rlogger.curvate.net,hypoid
cname=jabber,hypoid
cname=jabber.curvate.net,hypoid
cname=conference,hypoid
cname=conference.curvate.net,hypoid
cname=printhost,hypoid
cname=printhost.curvate.net,hypoid
```

hypoid is the DNS server to the LAN, and has a fixed IP in network startup.  The other machines (except the router and the access point, each of which has a fixed IP) use dhcp, and dnsmasq assigns them the IP addresses listed in my /etc/dnsmasq.d/dnsmasq-local.conf file.

----------

## cowboy0629

Ok I don't have the /etc/dnsmasq.d/dnsmasq-local.conf directory so now I know I have done something wrong....

I have

 /etc/dnsmasq.conf

```
dhcp-range=192.168.0.20,192.168.0.40,255.255.255.0,12h
# SET DNS SERVERS
server=8.8.8.8
server=8.8.4.4
#STATIC ADDRESSES ASSIGNED BY DHCP
# ASSIGNED BASED ON MAC ADDRESS
dhcp-host=10:dd:b1:9e:cb:33,Michaels-iMac,192.168.0.100
dhcp-host=bc:83:85:b4:f3:bd,XboxOne,192.168.0.102
dhcp-host=fc:c2:de:e3:e2:f1,GalaxyS5_Mike,192.168.0.103
dhcp-host=6c:70:9f:19:7c:12,Michaels-iPad,192.168.0.104
#dhcp-host=30:52:cb:46:8b:ad,acer,192.168.0.106
dhcp-host=30:65:ec:91:83:f0,acer,192.168.0.106
# TV & OFFICE EQUIPTMENT
dhcp-host=c4:57:6e:43:6f:6e,Samsung50,192.168.0.160
dhcp-host=00:21:00:8c:fd:6c,Dennison-PC,192.168.0.162
dhcp-host=00:e0:a9:67:06:a5,PhilipsTV,192.168.0.163
#Misc
## Bronsons ThinkPad T410
dhcp-host=f0:de:f1:16:ea:88,Bronson-ThinkPad,192.168.0.200
#dhcp-host=00:27:10:bc:e2:5c,Bronson-ThinkPad,192.168.0.200
```

I just realized that Connection Manager (connman) changes my resolv.conf to

```
# Generated by Connection Manager
nameserver 127.0.0.1
nameserver ::1
```

does not matter what connection I am on same thing

----------

## cboldt

Putting the material in /etc/dnsmasq.conf works too.  I created the /etc/dnsmasq.d directory, and populated it, so that when dnsmasq is updated by portage, I have fewer changes in /etc/dnsmasq.conf.

```
# Include another lot of configuration options.
#conf-file=/etc/dnsmasq.more.conf
#conf-dir=/etc/dnsmasq.d
# Include all the files in a directory except those ending in .bak
#conf-dir=/etc/dnsmasq.d,.bak
# Include all files in a directory which end in .conf
conf-dir=/etc/dnsmasq.d/,*.conf
```

I don't know connman.  I recently looked at networkmanager, and it too appeared to take over all or parts of network setup.  However, there was a means to cause it to use a dnsmasq.config other than the hardcoded dnsmasq.conf command line in networkmanager.

Okay ... edit to add, sussed this from the connman webpage (and I notice the unmasked connman in the portage tree is pretty old)

```
Thanks to Mylène Josserand, ConnMan 1.31 now properly exposes multiple cellular contexts provided by oFono whenever supported by the cellular subscription. In addition, ConnMan now writes its resolv.conf file to [/var]/run/connmand with the provided tmpfiles.d and init script creating the run-time directory and a symlink from /etc/resolv.conf. If the run time directory does not exist, ConnMan falls back to modifying /etc/resolv.conf as before.
```

----------

## cboldt

As for using the same netname inside the LAN as outside, and getting to the same place, that involves both DNS resolution, and routing of packets from outside the LAN.

If I am inside the LAN, cboldt.is-a-geek.net resolves to 192.168.0.1

Again, from /etc/dnsmasq.d/dnsmasq-local.conf (or /etc/dnsmasq.conf)

```
cname=cboldt.is-a-geek.net,hypoid
```

If I am outside the LAN, I am outside my own DNS, so get whatever IP address is served by the DNS I am petitioning for network addresses.  At this moment, cboldt.is-a-geek.net is at 72.224.158.246

In addition to IP address resolution, when I am outside the LAN, connections to cboldt.is-a-geek.net first hit the router, and the router decides what to do with those packets.  From your question, you have that part working.

Edit to add: curvate.net works the same way.  It is 192.168.0.1 to machines inside the LAN, and until my ISP reassigns my IP address, it is 72.224.158.246 to machines that are outside of the LAN.  The specific names like "printhost" and "jabber," those are NOT visible outside the LAN.

----------

## cowboy0629

 *cboldt wrote:*   

> Putting the material in /etc/dnsmasq.conf works too.  I created the /etc/dnsmasq.d directory, and populated it, so that when dnsmasq is updated by portage, I have fewer changes in /etc/dnsmasq.conf.

 

How do I go about setting this dnsmasq.d directory up.. I like when config files are in a dir like that because then I don't have to worry about the system updating them and I remember reading about that but figured I couldn't do that with gentoo because the DIR was not there... But once this directory is set up.. instead of putting my address in the dnsmasq.conf file I just put them in a file inside this directory, correct? and then I don't have to restart the service every time I make a change..

thanks for all your help so far.. I'm still lost in the above answer but I'm thinking if I get things cleaned up on my server it will be easier to follow your examples. Do I just create the directory? and then what do I call the host file in there

----------

## cboldt

Use the command line.  If you are not logged in as root, preface the two commands below with "sudo"

```
cd /etc
mkdir dnsmasq.d
```

Or, since we know /etc exists, just `mkdir /etc/dnsmasq.d` will work.

Then you have to configure dnsmasq to look there.  The supplied /etc/dnsmasq.conf has example lines for this.  I used the example that loads everything named /etc/dnsmasq.d/*.conf

I try to use "local.cfg" files whenever possible, for exactly the reason you mentioned. 

As for having to restart or not, read the man page for dnsmasq.  Some information will update automatically (/etc/hosts and similar, if I recall), some other information will be re-read if the running dnsmasq is sent a SIGHUP (some DHCP material), and other information requires stopping and restarting.

Edit to add: call the host file whatever you want.  I have three files in /etc/dnsmasq.d.  "banner-ads.conf", "local-block.conf", and "dnsmasq-local.conf"  My "dnsmasq-local" has the dhcp-by-MACID assignments as well as the aliases and other settings.  You can break your local config up into separate files, combine them all in one file, whatever floats your boat.

The "banner-ads" file is taken from https://pgl.yoyo.org/adservers/serverlist.php, using the "address=/101com.com/127.0.0.1" form.

----------

## cowboy0629

Hi Thanks.. I will try to do that this weekend and let you know how things go.. sorry it has been a few days since I replied.. I just have so many projects on the go right now and I'm working 2.5 hours away from home so I've been real tired this week...

Post results soon

----------

## cowboy0629

I think I got it now.. But not 100% yet. I will let you know when I get home. Testing everything remotely from work, it seems to be finding the websites now from a computer on the local network but hard to tell...

next I was wondering if there was a way to get dnsmasq to assign a static ip to a computer using the host name of the machine because my laptop has 2 mac addresses, wireless and wired... (I use connman because I use the e21 desktop environment) but I miss network manager because I would just clone the wireless mac with the wired... so I am unable to get them to work with the same address... I like being able to access any of my computers from anywhere in the house from any machine.. ..

I tried putting both mac address into dnsmasq with the same address and it will not let me do this so 

I need dns masq to say <hostname> = IP address

thanks for all help

 Mike

----------

## cboldt

The dhcp-host= lines are powerful!  Below lifted straight from the dnsmasq.conf file shipped with the package.

```
# Supply parameters for specified hosts using DHCP. There are lots
# of valid alternatives, so we will give examples of each. ... The order of the 
# parameters in these do not matter, it's permissible to give name, address
# and MAC in any order.
# Give a host with Ethernet address 11:22:33:44:55:66 or
# 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume
# that these two Ethernet interfaces will never be in use at the same
# time, and give the IP address to the second, even if it is already
# in use by the first. Useful for laptops with wired and wireless
# addresses.
#dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60
# Give the machine which says its name is "bert" IP address
# 192.168.0.70 and an infinite lease
#dhcp-host=bert,192.168.0.70,infinite
```

For that second example, I assume that "bert" has to communicate his HOSTNAME when requesting an IP address.  For the first example, I assume that in addition to assigning the IP addy, dnsmasq would be happy to assign the "hostname" too.

----------

## cboldt

As for accessing any machine, consistently, the need for a known IP depends on your habits and preferences.  I like to know the IP addy in case dnsmasq fails (or I fail to set it up right), but in practice, I think I "always" call the machines by name, so don't care what their local IP is.

I also use a little trick in /etc/ssh/ssh_config, which associates an alias (home) to a netname, but only for ssh related action (which applies to ssh, of course, but also to scp and rsync)

```
Host            home
Hostname        cboldt.is-a-geek.net
```

----------

## cowboy0629

 *cboldt wrote:*   

> The dhcp-host= lines are powerful!  Below lifted straight from the dnsmasq.conf file shipped with the package.
> 
> ```
> # Supply parameters for specified hosts using DHCP. There are lots
> ...
> ```

 

thanks..  that paragraph for some reason is not in my .conf file... I thought I seen it at some point.. but I thought it was on a website.. and you know how it goes you see a website with great information and can't find it again when you actually want it...

----------

## cowboy0629

 *cboldt wrote:*   

> As for accessing any machine, consistently, the need for a known IP depends on your habits and preferences.  I like to know the IP addy in case dnsmasq fails (or I fail to set it up right), but in practice, I think I "always" call the machines by name, so don't care what their local IP is.
> 
> I also use a little trick in /etc/ssh/ssh_config, which associates an alias (home) to a netname, but only for ssh related action (which applies to ssh, of course, but also to scp and rsync)
> 
> ```
> ...
> ```

 

I read your stuff.. and everything has your domain name attached to it.. am I able to do this with my domain once I get it on Wednesday.. I have finally decided not to use the ddns.net address and get myself an actual domain.. Thank-you for all your help so far. I will know tonight if my original question has been solved.. Now I am wondering if I should continue on with the hostname.domain.com stuff or ask a new question

----------

## cboldt

cboldt.is-a-geek.net is a DDNS name.  The IP changes at the whim of my ISP, and it falls to me to keep the name/IP association up to date.

There are a bunch of places that will hand you a DDNS name for the asking.  is-a-geek.net is hosted by dyndns (dyn.com), and they offer quite a few options, including is-a-llama.com and broke-it.net.

curvate.net also resolves to here.  That name I had to pay for separately.

I use a cronjob script to daily check what IP my ISP has given me.  It changes maybe a few times a year.  When it does, the script calls ez-ipupdate to inform dyndns of the change.

----------

## cowboy0629

 *cboldt wrote:*   

> cboldt.is-a-geek.net is a DDNS name.  The IP changes at the whim of my ISP, and it falls to me to keep the name/IP association up to date.
> 
> There are a bunch of places that will hand you a DDNS name for the asking.  is-a-geek.net is hosted by dyndns (dyn.com), and they offer quite a few options, including is-a-llama.com and broke-it.net.
> 
> curvate.net also resolves to here.  That name I had to pay for separately.
> ...

 

I'm using no-ip.. I purchased my.com but need to purchase the plus package so I can use my domain with them....

----------

## cboldt

I checked dyndns, and they don't offer  "is-a-cowboy." either.  Bummer!

----------

## cowboy0629

Thank-you everyone for the help.. I now have setup files in /etc/dnsmasq.d/ and dns is now working and I can view websites from my internal network.. 

thank-you cboldt ..

cboldt.. I noticed by reading some of my older posts you have helped me solve a lot of my problems... thanks for the help.. and thank-you everyone else for the help and suggestions

----------

## cowboy0629

Spoke too soon.. I seen the internet working for my websites.. but internal computers are not working all of a sudden this part was working last night 

```
mike@GW2 ~/ $ ssh gw1
ssh: Could not resolve hostname gw1: No address associated with hostname
```

here are new files

```
---------------------------------------------------
/etc/hosts
127.0.0.1        localhost
::1              localhost ip6-localhost ip6-loopback
---------------------------------------------------
/etc/resolv.dnsmasq.conf
nameserver 127.0.0.1
## External nameservers
# Google #
nameserver 8.8.8.8
nameserver 8.8.4.4
--------------------------------------------------
/etc/dnsmasq.conf
domain-needed
bogus-priv
resolv-file=/etc/resolv.dnsmasq.conf
strict-order
interface=enp17s0
domain=mike-net
dhcp-range=192.168.0.20,192.168.0.40,255.255.255.0,12h
conf-dir=/etc/dnsmasq.d/,*.conf
--------------------------------------------------------
/etc/dnsmasq.d/00-byMac.Conf
# ASSIGNED BASED ON MAC ADDRESS
dhcp-host=10:dd:b1:9e:cb:33,Michaels-iMac,192.168.0.100
dhcp-host=bc:83:85:b4:f3:bd,XboxOne,192.168.0.102
dhcp-host=fc:c2:de:e3:e2:f1,GalaxyS5_Mike,192.168.0.103
dhcp-host=6c:70:9f:19:7c:12,Michaels-iPad,192.168.0.104
#dhcp-host=30:52:cb:46:8b:ad,acer,192.168.0.106
#dhcp-host=30:65:ec:91:83:f0,acer,192.168.0.106
dhcp-host=c4:57:6e:43:6f:6e,Samsung50,192.168.0.160
dhcp-host=00:21:00:8c:fd:6c,Dennison-PC,192.168.0.162
-----------------------------------------------------------
/etc/dnsmasq.d/05-byHosts.conf
dhcp-host=acer,192.168.0.106,infinite
-------------------------------------------------------------
/etc/dnsmasq.d/20-cname.conf
cname=cowboy0629.ddns.net,gw1
cname=needfulthings.ddns.net,gw1
cname=tilleyskarate.com,gw1
-------------------------------------------------------------
```

EDIT: Wrong resolv.conf to proper resolv.conf

Last edited by cowboy0629 on Tue Feb 28, 2017 1:27 am; edited 1 time in total

----------

## cboldt

Is GW2 getting its DNS from your dnsmasq setup?  It can either be told to get its DNS service via the IPs named during dhcp network setup, or it might be configured to get its nameservice elsewhere.  I use `dig` to figure out what the machine is using for dnsserver.  `dig gw1`

I also think you have the "cname" parameters reversed.  The alias is first, the real HOSTNAME is second.

Separately, your machine "acer" can be defined as ...

```
dhcp-host=30:52:cb:46:8b:ad,30:65:ec:91:83:f0,acer,192.168.0.106
```

Then "acer" can just get its net config via dhcp, with dnsmasq giving the name and IP regardless of which MACID comes over the transom.

My pleasure being of help.

Edit to correct: I think you have the right order in cnames.  Assuming gw2 is getting nameservice from your dnsmasq machine, the question is whether or not "gw1" ever gets an IP address.  My "home" machine has a HOSTNAME=hypoid, and that relationship is defined in /etc/hosts on "hypoid"  That /etc/hosts file includes the LAN address for hypoid (192.168.0.1), which matches the network setup in /etc/conf.d/net on "hypoid", which asserts that fixed IP for itself.

----------
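
The two DNS problems diagnosed in this thread, checked offline as an added example that is not part of any post: nativemad's point that names placed on 127.0.0.1 in the router's /etc/hosts are served to every client, and cboldt's question of whether gw1 ever gets an address for the cname lines to point at (the dnsmasq man page requires a cname target to be a name dnsmasq knows locally). The function names, finding labels and the `192.168.0.1 gw1` entry in `HOSTS_FIXED` are assumptions of this sketch.

```python
import ipaddress
import re

# Names that normally belong on a loopback address.
LOOPBACK_NAMES = {"localhost", "localhost6", "ip6-localhost", "ip6-loopback"}
# Fields that are lease times, TTLs or keywords rather than host names.
NOT_A_NAME = re.compile(r"^(\d+[smhdw]?|infinite|ignore)$")

def config_lines(text):
    """Yield lines with '#' comments and blank lines removed."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line

def to_ip(field):
    """Return an ipaddress object, or None if the field is not an IP address."""
    try:
        return ipaddress.ip_address(field)
    except ValueError:
        return None

def parse_hosts(text):
    """Map each lowercased name in /etc/hosts-style text to its addresses."""
    names = {}
    for line in config_lines(text):
        addr, *hostnames = line.split()
        ip = to_ip(addr)
        if ip is not None:
            for name in hostnames:
                names.setdefault(name.lower(), []).append(ip)
    return names

def parse_dnsmasq(text):
    """Return (names tied to an IP by dhcp-host/host-record, [(alias, target)])."""
    local, cnames = set(), []
    for line in config_lines(text):
        key, _, value = line.partition("=")
        fields = [f.strip().lower() for f in value.split(",")]
        names = [f for f in fields
                 if f and ":" not in f and to_ip(f) is None and not NOT_A_NAME.match(f)]
        if key.strip() == "cname" and len(names) >= 2:
            # cname=<alias>[,<alias>...],<target>[,<TTL>]
            cnames += [(alias, names[-1]) for alias in names[:-1]]
        elif key.strip() in ("dhcp-host", "host-record"):
            if any(to_ip(f) is not None for f in fields):
                local.update(names)  # DHCP names resolve only while a lease exists
    return local, cnames

def audit(hosts_text, dnsmasq_text):
    """Return sorted (finding, name) pairs for the two problems seen in the thread."""
    hosts = parse_hosts(hosts_text)
    local, cnames = parse_dnsmasq(dnsmasq_text)
    findings = []
    # dnsmasq serves /etc/hosts to the LAN, so a service name on 127.0.0.1
    # makes every client resolve that name to itself.
    for name, addrs in hosts.items():
        if name not in LOOPBACK_NAMES and any(a.is_loopback for a in addrs):
            findings.append(("loopback-served", name))
    # A cname whose target has no locally known address yields an empty answer.
    known = set(hosts) | local | {alias for alias, _ in cnames}
    for alias, target in cnames:
        if target not in known:
            findings.append(("cname-target-unknown", alias))
    return sorted(findings)

# Sample input: lines copied from the files posted in the thread.
HOSTS_FIRST = """\
127.0.0.1       GW1.mike-net GW1 localhost
192.168.0.100   imac.mike-net           imac
127.0.0.1       localhost       cowboy0629.ddns.net
"""
HOSTS_LATER = "127.0.0.1 localhost\n::1 localhost ip6-localhost ip6-loopback\n"
DNSMASQ_LATER = """\
dhcp-host=10:dd:b1:9e:cb:33,Michaels-iMac,192.168.0.100
cname=cowboy0629.ddns.net,gw1
cname=needfulthings.ddns.net,gw1
"""
# Constructed (assumption): gw1 on the router's LAN address, like cboldt's hypoid entry.
HOSTS_FIXED = HOSTS_LATER + "192.168.0.1   gw1.mike-net   gw1\n"

if __name__ == "__main__":
    for hosts, conf in ((HOSTS_FIRST, ""), (HOSTS_LATER, DNSMASQ_LATER),
                        (HOSTS_FIXED, DNSMASQ_LATER)):
        print(audit(hosts, conf))
```

The second case matches the `dig gw1` output with `ANSWER: 0` posted later in the thread: the router answers, but has no address for gw1.

----------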

## cowboy0629

I will make that change now.... and remove acer 

acer is also not connecting to gw1 or gw2 and vice versa same error

```
mike@acer ~/ $ dig gw1
; <<>> DiG 9.11.0-P2 <<>> gw1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12442
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gw1.                           IN      A
;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Feb 27 19:47:00 EST 2017
;; MSG SIZE  rcvd: 21
```

```
mike@GW2 ~/ $ dig gw1
; <<>> DiG 9.11.0-P3 <<>> gw1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26120
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;gw1.                           IN      A
;; Query time: 0 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Feb 27 19:49:24 EST 2017
;; MSG SIZE  rcvd: 21
```

this happens to me a lot, with one thing working one day and then the next it doesn't...

----------

## cowboy0629

just realized I sent you the resolv.conf out of gw2 in the above post.. the actual resolv.conf for GW1 (router) is

```
/etc/resolv.dnsmasq.conf
nameserver 127.0.0.1
## External nameservers
# Google #
nameserver 8.8.8.8
nameserver 8.8.4.4
```

----------

## cboldt

Once it's set up, it will work great.  I had lots of trouble getting things right too, and the "one day it works, the next it doesn't" sort of thing was driving me batty.

Well, I see that your dnsmasq machine is serving up the answers to both @acer and @gw2, and the response time is snappy.

What is in /etc/hosts on @gw1?

My dnsmasq machine, also at 192.168.0.1, is called "hypoid"

```
# /etc/hosts
127.0.0.1       localhost
192.168.0.1   hypoid.curvate.net      hypoid
192.168.0.1   curvate.net
```

I don't recall if just a SIGHUP to dnsmasq, or a restart is required to reload /etc/hosts.

That is the entire working part of my /etc/hosts on hypoid.  All the other aliases are set by dnsmasq.

----------

## cboldt

On my dnsmasq machine, in dnsmasq.conf (or its cousin)

```
resolv-file=/etc/resolv.dnsmasq
```

There is another resolv-file (dnsmasq can have multiples of this), but it is an artifact for ppp-dialup.  I'm going to show the working contents of both, just for completeness

```
# /etc/resolv.dnsmasq
nameserver 208.67.220.220
nameserver 208.67.222.222
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 64.68.192.10
```

And for the dialup ...

```
# /etc/ppp/resolv.conf
nameserver 64.136.173.5
nameserver 64.136.164.77
```

That's the material that dnsmasq works from, but I want the LAN machines, all of them including the one running dnsmasq, to NOT seek answers from those nameservers, but instead to seek answers from 192.168.0.1.

So, all the network machines are set up with /etc/resolv.conf

```
# /etc/resolv.conf
domain curvate.net
nameserver 192.168.0.1
```

/etc/resolv.conf can be generated locally.  In one case I have ...

```
# Generated by dhcpcd from wlan0.dhcp
domain curvate.net
nameserver 192.168.0.1
```

----------

## cowboy0629

Something has happened. I can get to the outside network but can't get anything internal.. just realized I can't read my websites anymore either... from the internal network.. not sure what happened, I had that working last night

now I am getting connection refused from the outside network to the websites

Last edited by cowboy0629 on Tue Feb 28, 2017 2:18 am; edited 1 time in total

----------

## cowboy0629

cboldt --

would it be easier if I gave you access to the network.. maybe you could see what is going on more easily than I could explain it.. I also have screen installed so I could maybe see what I have done wrong..

Mike

----------

## cboldt

Maybe a mix of DNS and firewall issues going on.  We can troubleshoot the DNS independent of the firewall.  Just stick to `dig` or `nslookup` (and maybe `route`) for now, and contents of the various /etc/hosts and /etc/resolv.conf files, plus setting up dnsmasq.

I don't think we need to arrange some stranger stepping on your turf just yet.

----------

## cowboy0629

Ok.. I'm now wondering what has happened between now and 4 hours ago, when everything was working perfectly.. 

the only thing I changed was the acer file, which I deleted and changed, and still nothing.. things are getting worse...

should anything be in the host file of (ROUTER GW1) or should it be finding everything from the other files just like it did the night before

----------

## cowboy0629

Ok I seem to have Apache Working again on the LAN and WAN AGAIN..

Computers can't find each other but they can find gw1 now

----------

## cboldt

I still want to see the contents of /etc/hosts on gw1

And, reading man dnsmasq, I see that you don't need to restart dnsmasq in order to read a changed /etc/hosts

```
When it receives a SIGHUP, dnsmasq clears its cache and then re-loads /etc/hosts ...
```

We should test DNS from gw1 and some other machine, vs. an outside IP addy.  Try `dig curvate.net` and you should get 72.224.158.246, and that answer should come from 192.168.0.1

As for the mystery of changed behavior, the name/IP assignment dished out by DNS has a time to live (TTL), so some machines may know (or think they know) the name/IP assignment, even though DNS lookup isn't working.  If they (think they) know, they don't ask.

----------

