Dnsmasq - localise-queries - /etc/hosts file - split-horizon DNS
-
I have a problem using split-horizon DNS with dnsmasq.
Basically only the last interface to get a DHCP address on a dual-homed server is registered in the /etc/hosts file on my pfSense 2.0 system.
Both interfaces on the server are assigned via DHCP, and both get the same domain via DHCP. I would rather not change this as it makes things far too complicated for the future. I have added "localise-queries" to the Advanced Options of the dnsmasq command line.
The full dnsmasq command line is:
```
/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers --rebind-localhost-ok --stop-dns-rebind --dns-forward-max=5000 --cache-size=10000 --dhcp-hostsfile=/var/etc/hosts --localise-queries
```
In the /var/dhcpd/var/db/dhcpd.leases file both interfaces are registered/showing:
```
lease 192.168.98.53 {
  starts 4 2012/09/06 13:24:18;
  ends 5 2012/09/07 13:24:18;
  cltt 4 2012/09/06 13:24:18;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:50:xx:xx:xx:xx;
  client-hostname "app4";
}
lease 192.168.99.57 {
  starts 4 2012/09/06 13:33:46;
  ends 5 2012/09/07 13:33:46;
  cltt 4 2012/09/06 13:33:46;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:50:xx:xx:xx:xx;
  client-hostname "app4";
}
```
The /etc/hosts file is only showing one entry for the system, whereas I would have expected to see 2 entries.
```
# dhpleases automatically entered
192.168.98.53 app4.internal.mydomain.org app4 # dynamic entry from dhcpd.leases
```
If I run
```
dhclient eth0
```
Any ideas as to how to make this work correctly/as designed?
-
Not sure if this will do it, but add DHCP_HOSTNAME=linuxhost1 to eth0 and DHCP_HOSTNAME= to eth1.
-
Thanks podilarius. That may work in terms of the second interface on the server not requesting a DHCP hostname, but that's not the issue I'm trying to solve I'm afraid.
I'll clarify:
I wish the server to be accessible to all networks as app4.internal.mycompany.org. However, when a host which is on the 192.168.98.x network requests the IP address of the server, I wish it to be returned as the IP address on that network, i.e. 192.168.98.53
If a host on the 192.168.99.x network requests the IP address of the server, I wish it to be returned as 192.168.99.57.
From http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html:
-y, --localise-queries Return answers to DNS queries from /etc/hosts which depend on the interface over which the query was received. If a name in /etc/hosts has more than one address associated with it, and at least one of those addresses is on the same subnet as the interface to which the query was sent, then return only the address(es) on that subnet. This allows for a server to have multiple addresses in /etc/hosts corresponding to each of its interfaces, and hosts will get the correct address based on which network they are attached to. Currently this facility is limited to IPv4.
I've used dnsmasq (on a Linux system) to do this successfully before, so I know it is indeed possible, and dnsmasq on pfSense 2.0 accepts localise-queries as a valid command line parameter.
-
To clarify, I am using this release: 2.0.1-RELEASE (amd64)
-
You will probably need to add the hostnames in as DNS forwarder host overrides, but otherwise, localise-queries should do what you're after.
It's just a matter of getting the right data into /etc/hosts
-
I'd rather not add in host overrides, since there will be many servers eventually used and I don't want to have to manually add overrides each time a new one is brought up.
This should be possible with dnsmasq - in fact I know it is since I have previously used it, but something in the pfSense distribution is preventing it :(
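-
The behaviour discussed in this thread, as an added example that is not part of the original posts and is not pfSense or dnsmasq code: a Python sketch that builds hosts entries from every active lease (rather than keeping only the last one per hostname) and then applies the selection rule quoted from the dnsmasq man page. The lease text is a constructed sample based on the leases quoted above, and the interface addresses 192.168.98.1/24 and 192.168.99.1/24 are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample based on the two leases quoted in the thread, plus one free lease.
LEASES = '''
lease 192.168.98.53 { binding state active; next binding state free; client-hostname "app4"; }
lease 192.168.99.57 { binding state active; next binding state free; client-hostname "app4"; }
lease 192.168.98.60 { binding state free; next binding state free; client-hostname "old1"; }
'''

LEASE_RE = re.compile(r'lease\s+(\S+)\s*\{(.*?)\}', re.S)
# Match "binding state active" only, not "next/rewind binding state ...".
ACTIVE_RE = re.compile(r'(?<!next )(?<!rewind )binding state active;')
NAME_RE = re.compile(r'client-hostname\s+"([^"]+)"')

def hosts_from_leases(text, domain):
    """Map each FQDN to all of its active lease addresses (no per-name overwrite)."""
    hosts = defaultdict(list)
    for addr, body in LEASE_RE.findall(text):
        name = NAME_RE.search(body)
        if not name or not ACTIVE_RE.search(body):
            continue
        fqdn = f"{name.group(1)}.{domain}"
        if addr not in hosts[fqdn]:
            hosts[fqdn].append(addr)
    return dict(hosts)

def render_hosts(hosts):
    """One hosts-file line per address, so a dual-homed name appears twice."""
    return [f"{a}\t{fqdn} {fqdn.split('.')[0]}"
            for fqdn, addrs in hosts.items() for a in addrs]

def localise(addresses, iface_cidr):
    """Man-page rule: if any address is on the subnet of the interface that
    received the query, return only those; otherwise return all of them."""
    net = ipaddress.ip_interface(iface_cidr).network
    local = [a for a in addresses if ipaddress.ip_address(a) in net]
    return local or list(addresses)

if __name__ == "__main__":
    hosts = hosts_from_leases(LEASES, "internal.mydomain.org")
    print("\n".join(render_hosts(hosts)))
    for iface in ("192.168.98.1/24", "192.168.99.1/24"):  # assumed interface addresses
        for fqdn, addrs in hosts.items():
            print(iface, fqdn, localise(addrs, iface))
```

With only one hosts line per name, as in the /etc/hosts output quoted in the first post, `localise` has a single address to return whichever interface the query arrives on.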