I’m not sure I’m approaching this correctly, but I would like to be able to define different local DNS for specific hosts or networks. I’d like to use the RPZ feature in kresd but also be able to define a different forwarder (OpenDNS) for the kids’ devices to enable additional blocking/filtering not present in the RPZ files.
I know I can specify option 6 in DHCP for devices to use certain DNS, but I want to specify a local DNS - for example, I want most of the network to use 192.168.7.1 and have another instance listening on 192.168.8.1 or .7.2 or something that uses different upstream DNS. I have defined specific DNS servers in the WAN section of my /etc/config/network, although I’m confused about ‘forwarders’ in the kresd config - does ‘forward_upstream’ = 1 tell it to use those? They appear in /tmp/resolv.conf.auto also. Or if I do not turn on the forwarders option, what does kresd use?
Finally, if kresd uses the definitions from /etc/config/network, how would I define different upstream resolvers for multiple instances? Edit the /etc/init.d/kresd?
Sorry for so many questions, just trying to understand how this all fits together.
If you want to use OpenDNS, there’s afaik no point in setting a forwarder, just specify OpenDNS resolver address using DHCP option.
forward_upstream tells the resolver to forward to all servers listed in /tmp/resolv.conf.auto, which contains a combination of the DNS servers from all interfaces.
If you do not turn on forwarding, kresd acts as a full recursive server, performing complete DNS recursion toward authoritative DNS servers.
Running more than one instance of kresd is not supported out of the box. But there’s a simple solution to this – create an LXC container and run another instance of a DNS resolver of your choice in it. This would be much simpler than hacking OpenWRT/TurrisOS to support multiple instances.
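The DHCP-option approach suggested in the reply above, as an added example that is not part of the original posts: a fragment for /etc/config/dhcp that hands the OpenDNS resolvers to tagged devices only, while every other client keeps the router's kresd. It assumes dnsmasq is the DHCP server reading this file; the tag name, host name, MAC address and IP address are constructed placeholders.

```uci
# /etc/config/dhcp (fragment, added example)

# Tag that overrides DHCP option 6 (DNS servers) with the public
# OpenDNS resolver addresses instead of the router's own address.
config tag 'kids'
	list dhcp_option '6,208.67.222.222,208.67.220.220'

# Static lease that attaches the tag to one device.
# name, mac and ip are constructed placeholders; repeat the
# 'config host' section once per device that should be filtered.
config host
	option name 'kids-tablet'
	option mac '02:00:00:00:00:01'
	option ip '192.168.7.50'
	option tag 'kids'
```

After `/etc/init.d/dnsmasq restart`, a tagged device picks up the new resolvers at its next lease renewal. A device with a manually configured DNS server ignores the DHCP option, so this steers cooperative clients rather than enforcing the filter.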
Thanks, that answers my questions. I think the LXC container is a good idea if I do decide to set up something like this. OpenDNS by itself might be enough for what I want to do as well, that’s a good point.
As of upstream kresd, there should be no problem with running multiple instances with different configs, even with sharing the cache. Still, you need two config files, etc., so it’s not trivial to make standard distros (or Omnia) start kresd like that.