Dnsmasq .lan domain while still using knot resolver

Ah, ok … so when I forward the whole private range (168.192.in-addr.arpa) to dnsmasq it is ok, because it will not be forwarded outside, right?

Yup, that’s fine. dnsmasq’s setting Network > DHCP and DNS > Advanced Settings > Filter private (Do not forward reverse lookups for local networks) is on by default.

Thanks for the explanation! :slight_smile:


Thanks a lot for explaining how to fix the local name resolution. I was really wondering why something so basic like local DNS lookup wasn’t working out of the box.

It’s a basic feature and needs to be fixed fast. There should definitely be a way to configure it via web-ui and not only via shell.

Well, now I feel dumb, since I spent all night yesterday on disabling kresd and making dnsmasq be the default resolver. The problem is there seem to be a couple of custom scripts cz.nic ships that run periodically and make sure kresd is the resolver.

@dpdrown Do I need something special to make sure kresd forwards these queries for AAAA records as well? (if we take into account that dnsmasq will look at /tmp/hosts/odhcpd)


Set the dnsmasq server port to 5353 and added the adapted line to /etc/init.d/kresd. Does not work for me, after that kresd does not start anymore. No message in /var/log/messages :frowning:

After switching from an OpenWrt router to the Turris Omnia it would be fine to have local domain name resolving back!

Hopefully cz.nic will bring an update soon…

It is not adapted - it’s an additional line which needs to be inserted. Can you post the whole init_header() function?

I know. I added the following line after line 38:

echo "policy.add(policy.suffix(policy.FORWARD('127.0.0.1@5353'), policy.todnames({'pigdom'})))" >> $CONFIGFILE

For explanation, I changed my local domain from ‘lan’ to ‘pigdom’. dnsmasq runs on port 5353

Not sure about the line number - I added it as line #40 and it works fine - see below

init_header() {
    echo "--Automatically generated file; DO NOT EDIT" > $CONFIGFILE
    echo "modules = {" >> $CONFIGFILE
    config_get_bool prefetch common prefetch 0
    echo "    'policy'" >> $CONFIGFILE
    if [ "$prefetch" \!= 0 ]; then
            echo "  , 'stats'" >> $CONFIGFILE
            echo "  , predict = {" >> $CONFIGFILE
            echo "        window = 30 -- 30 minutes sampling window" >> $CONFIGFILE
            echo "      , period = 24*(60/30) -- track last 24 hours" >> $CONFIGFILE
            echo "  }" >> $CONFIGFILE
    fi
    echo "}" >> $CONFIGFILE
    echo "policy.add(policy.suffix(policy.FORWARD('127.0.0.1@5353'),  policy.todnames({'home'})))" >>$CONFIGFILE
}

Thanks! Added to line #41 and it works now
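
An added example, not part of the thread and not the shipped /etc/init.d/kresd code: a POSIX shell helper that builds the forwarding line discussed above for a local domain together with the 168.192.in-addr.arpa reverse zone, and refuses any zone name that could close the Lua string it is written into. The function names are hypothetical; the 127.0.0.1@5353 target assumes dnsmasq was moved to port 5353 as in the posts.

```shell
#!/bin/sh
# Added example; not the shipped /etc/init.d/kresd code.
# Assumption: dnsmasq listens on 127.0.0.1 port 5353, as in the thread.
DNSMASQ_ADDR='127.0.0.1@5353'

# Accept only DNS-style names (letters, digits, '-' and '.'), so a value
# can never terminate the quoted Lua string in the generated config.
valid_zone() {
    case "$1" in
        ''|.*|*.|*..*|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

# Print one policy.add() line that forwards all given zones to dnsmasq.
# Prints nothing and returns 1 if no zone is given or any zone is invalid.
forward_rule() {
    names=''
    for zone in "$@"; do
        valid_zone "$zone" || return 1
        names="${names:+$names, }'$zone'"
    done
    [ -n "$names" ] || return 1
    printf "policy.add(policy.suffix(policy.FORWARD('%s'), policy.todnames({%s})))\n" \
        "$DNSMASQ_ADDR" "$names"
}

# Append the rule to a config file unless that exact line is already there,
# so running it twice does not stack duplicate policies.
append_rule() {
    config=$1; shift
    rule=$(forward_rule "$@") || return 1
    grep -qxF -- "$rule" "$config" 2>/dev/null || printf '%s\n' "$rule" >> "$config"
}

# Constructed sample input: local domain plus the private reverse zone.
forward_rule lan 168.192.in-addr.arpa
```

Inside init_header() the call would be `append_rule "$CONFIGFILE" lan 168.192.in-addr.arpa`, placed after the line that closes the modules table.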

kresd forwards AAAA records, but dnsmasq’s automatic AAAA record creation (the ra-names flag on the dhcp-range option) isn’t enabled.

Any ideas where that config file is actually spawned?

Check the /etc/init.d/kresd script and you can see:

CONFIGFILE=/tmp/kresd.config


Yes, I could have checked it, but I’m currently away from my omnia… :wink:

This should be a default config that knotdns starts on port 53 and dnsmasq on 54 or 5353 and then that knotdns forwards to dnsmasq. Ok, Turris Omnia is for powerful users but still I vote for +1 on this as default config.

I think an appropriate pull request would work much better than voting :wink:

Well, Luci needs an additional comment or tooltip as well then, because if a regular user sees that config page, he would think that the programmers were drunk to choose a non-standard DNS port, as all other OpenWRT routers use 53… (He changes it back to 53 and instantly breaks DNS) :smiley:

Is there no way to configure the .lan thing in knot itself? Is using dnsmasq the only way to do that?

I don’t care about luci, configuring via script is fine for me, but I don’t know how. And it seems a cleaner solution to me.

Pull request to where? There does not seem to be a comprehensive guide on how to make a pull request or even where to find the repository.

I think it is a better setup like this. If I am not mistaken dnsmasq is also a dhcp server, so it is running no matter what.