I had been running dnsmasq on a machine on my network and using addn-hosts for 
ad blocking. My router was configured with my ISP's DNS servers.

I used "net:red" to assign the router as DNS server for certain devices (Roku 
streamers, notably) to avoid the ad blocking, because some of the apps on the 
router would not work properly with the ad blocking in place. This told those 
devices to go directly to the router for DNS services.

router/gateway 192.168.2.1
dnsmasq machine 192.168.2.11

## dnsmasq.conf fragment

domain-needed
bogus-priv
no-resolv
local=/artg.tv/
interface=eth0
domain=artg.tv
server=8.8.8.8,8.8.4.4

dhcp-option=option:dns-server,192.168.2.11    ## use dnsmasq machine for DNS
dhcp-option=net:red,option:dns-server,192.168.2.1

dhcp-host=00:01:03:27:84:95,192.168.2.15,martha    ## typical of computer assignments
dhcp-host=d8:31:34:36:d0:18,192.168.2.135,ROKU-1-WIFI,net:red    ## typical of ad blocking avoidance

## end dnsmasq.conf fragment

This all worked fine.

Then I obtained a newer router and installed OpenWRT on it. This, too, worked 
fine until I moved dnsmasq onto the router. The configuration now looks like 
this:

router/gateway 192.168.2.1
dnsmasq machine 192.168.2.1

## dnsmasq.conf fragment

domain-needed
bogus-priv
no-resolv
local=/artg.tv/
interface=br-lan
domain=artg.tv
server=8.8.8.8,8.8.4.4

dhcp-option=option:dns-server,192.168.2.1    ## use dnsmasq on the router for DNS
dhcp-option=net:red,option:dns-server,8.8.8.8,8.8.4.4    ## Google public DNS servers

dhcp-host=00:01:03:27:84:95,192.168.2.15,martha    ## typical of computer assignments
dhcp-host=d8:31:34:36:d0:18,192.168.2.135,ROKU-1-WIFI,net:red    ## typical of ad blocking avoidance

Now the Roku streamers and some of the apps on them aren't so happy. Despite 
the "net:red" tag, dnsmasq is intercepting all DNS requests and it is returning 
0.0.0.0 when the host being looked up is in one of the addn-hosts files.

I have DHCP and DNS logging turned on in dnsmasq and can see the Roku streamers 
ask for option 6 (dns-server) and they get the expected response (the Google 
DNS servers). Yet when they make a DNS request, it's being processed by dnsmasq 
and the addn-hosts files are being consulted, the result being that hosts listed 
in one of the files have their IP address returned as 0.0.0.0.

I suppose this is expected, as dnsmasq is acting as a DNS relay only if it 
cannot resolve the request, and since the ad hosts are listed in an addn-hosts 
file, dnsmasq -can- resolve the request despite it not being within the local, 
private IP address block.

I'm thinking I need a second dnsmasq instance configured to handle those 
devices that cannot have ad blocking, and the appropriate division of 
configurations, including complementary use of the "ignore" option to dhcp-host 
on the two configurations.

Is there a simpler way to deal with this? And no, I'd rather not move back to 
using a machine on the network for dnsmasq if I can avoid it.

Thanks.

-- 
Art Greenberg
a...@artg.tv
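
Added example, not part of the original post: a Python sketch of the log check described above, correlating the DNS servers handed out in DHCP option 6 with the clients whose queries dnsmasq still answers. The log line format, the file name /etc/hosts.ads and the host ads.example.net are assumptions constructed for illustration, modelled on dnsmasq's log-dhcp and log-queries output.

```python
import re
from collections import defaultdict

# Constructed sample log; the line format is an assumption modelled on
# dnsmasq's log-dhcp / log-queries output. Adjust the patterns to your log.
SAMPLE_LOG = """\
dnsmasq-dhcp[812]: 3141592 DHCPACK(br-lan) 192.168.2.135 d8:31:34:36:d0:18 ROKU-1-WIFI
dnsmasq-dhcp[812]: 3141592 sent size:  8 option:  6 dns-server  8.8.8.8, 8.8.4.4
dnsmasq-dhcp[812]: 2718281 DHCPACK(br-lan) 192.168.2.15 00:01:03:27:84:95 martha
dnsmasq-dhcp[812]: 2718281 sent size:  4 option:  6 dns-server  192.168.2.1
dnsmasq[812]: query[A] ads.example.net from 192.168.2.135
dnsmasq[812]: /etc/hosts.ads ads.example.net is 0.0.0.0
dnsmasq[812]: query[A] ads.example.net from 192.168.2.15
dnsmasq[812]: /etc/hosts.ads ads.example.net is 0.0.0.0
"""

ACK = re.compile(r"dnsmasq-dhcp\[\d+\]: (\d+) DHCPACK\(\S+\) (\S+) ")
OPT6 = re.compile(
    r"dnsmasq-dhcp\[\d+\]: (\d+) sent size:\s*\d+ option:\s*6 dns-server\s+(.+)")
QUERY = re.compile(r"dnsmasq\[\d+\]: query\[\w+\] (\S+) from (\S+)")
ANSWER = re.compile(r"dnsmasq\[\d+\]: (\S+) (\S+) is (\S+)")


def find_bypassed_tags(log_text, local_dns="192.168.2.1"):
    """Return {client_ip: [(name, source, answer), ...]} for clients that were
    handed only non-local DNS servers in option 6 yet were answered by dnsmasq."""
    xid_ip, offered = {}, {}      # DHCP transaction id -> IP, IP -> DNS servers
    hits = defaultdict(list)
    pending = None                # (name, client) from the most recent query line
    for line in log_text.splitlines():
        if m := ACK.search(line):
            xid_ip[m.group(1)] = m.group(2)
        elif m := OPT6.search(line):
            ip = xid_ip.get(m.group(1))
            if ip:
                offered[ip] = [s.strip() for s in m.group(2).split(",")]
        elif m := QUERY.search(line):
            pending = (m.group(1), m.group(2))
        elif (m := ANSWER.search(line)) and pending and m.group(2) == pending[0]:
            name, client = pending
            # Clients with no logged lease are assumed to use the local server.
            if local_dns not in offered.get(client, [local_dns]):
                hits[client].append((name, m.group(1), m.group(3)))
    return dict(hits)


if __name__ == "__main__":
    for ip, answers in find_bypassed_tags(SAMPLE_LOG).items():
        print(ip, answers)
```

A client appearing in the result was told to use external resolvers but its queries are still reaching dnsmasq, which is the symptom described for the Roku devices.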
