[LEDE-DEV] DNS split horizon *without* dnsmasq
Philip Prindeville
philipp_subx at redfish-solutions.com
Sat Mar 31 09:20:20 PDT 2018
> On Mar 31, 2018, at 9:03 AM, Eric Luehrsen <ericluehrsen at gmail.com> wrote:
>
> On 03/25/2018 03:27 AM, Philip Prindeville wrote:
>> Thinking Bind, probably.
>>
>>
>>
>>> On Mar 23, 2018, at 5:38 PM, Eric Luehrsen <ericluehrsen at gmail.com> wrote:
>>>
>>> What do you want to serve your dns then? Unbound or Bind?
>>>
>>> - Eric
>>>
>>> On Fri, Mar 23, 2018, 1:31 PM Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>>> Hi all,
>>>
>>> As the ISC-DHCP maintainer, I need to eat my own dogfood so I run that here, before anyone quips, “Why don’t you just run dnsmasq instead?”
>>>
>>> So… I have some internal names that I want to be able to resolve internally, but I also need to provide DNS service for all of my DHCP clients.
>>>
>>> Is there a way to prime a “fake” local zone (or cache) and run a caching only nameserver that’s been primed with this “split-horizon” info (i.e. the local names for machines on 192.168.1.0/24, etc)?
>>>
>>> Or equally, have DHCP prime the local names into the DNS as they get allocated (well, that wouldn’t fully solve my problem as my mail server has a statically allocated IP address, so DHCP wouldn’t know about that).
>>>
>>> Any ideas?
>>>
>>> Thanks,
>>>
>>> -Philip
> With Bind, you will also need to install rndc "remote named control." Otherwise you need to reload bind when the zonefile is changed. That purges the recursion cache. You will need to declare the local domain and local ptr domain as static-stub zones (data local only to bind). You can add forwarders to those zones for static corporate resources managed by another DNS server. You then need a script call from dhcpd to parse its lease file and write a zonefile for the local domain and local pointer domain each. After those are written, rndc calls to reload the two respective zones without restarting all of Bind.
>
> With Unbound, the OpenWrt package already supports odhcpd for this. It would make a reasonable example for dhcpd and bind. Although both dhcpd and bind have complex lease and configuration formats. I haven't used dhcpd on embedded equipment. Maybe someone could add a dhcpd to Unbound conversion script.
>
> - Eric
>
Hi Eric,
Thanks for the great feedback.
I’m working with Daniel Golle and Noah Meyerhans on some “glue” to do the integration.
First off is adding support to ISC-DHCP to allow specifying a site-wide domain, and explicit DHCP options analogous to what dnsmasq supports.
That’s here:
https://github.com/openwrt/packages/pull/5819
Was going to add you to the discussion but can’t figure out your GitHub handle.
As soon as that’s merged (waiting on a sign-off from Golle) I’ll get back to working on the glue, which is in draft form.
-Philip
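
The lease-to-zone step described in the quoted message, as an added example that is not code from this thread or from the OpenWrt, ISC-DHCP or Bind packages: it reads a `dhcpd.leases` file and prints A records for active leases, treating client-supplied hostnames as untrusted and dropping any that are not a single valid DNS label. The function names, the `lan.example` domain and the sample leases are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: turn ISC dhcpd leases into A records for a local zone.
# Client-supplied hostnames are untrusted input, so each is validated as
# a single DNS label before it can reach a zone file.
leases_to_zone() {  # usage: leases_to_zone DOMAIN < dhcpd.leases
    awk -v domain="$1" '
    function valid_label(s) {
        return length(s) >= 1 && length(s) <= 63 &&
               s ~ /^[a-z0-9-]+$/ && s !~ /^-/ && s !~ /-$/
    }
    # Start of a lease block: remember the address, reset per-lease state.
    $1 == "lease" && $3 == "{" { ip = $2; state = ""; name = ""; next }
    $1 == "binding" && $2 == "state" { state = $3; sub(/;$/, "", state); next }
    $1 == "client-hostname" {
        # Take everything between the quotes so embedded spaces are seen.
        name = $0
        sub(/^[^"]*"/, "", name); sub(/";[ \t]*$/, "", name)
        name = tolower(name); next
    }
    # End of block. dhcpd appends to the file, so the last block for an
    # address wins: keep it if usable, otherwise forget the address.
    $1 == "}" && ip != "" {
        ok = (state == "active" && valid_label(name) &&
              ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
        if (ok) { host[ip] = name } else { delete host[ip] }
        ip = ""
    }
    END { for (ip in host) printf "%s.%s. IN A %s\n", host[ip], domain, ip }
    ' | LC_ALL=C sort
}

sample_leases() {  # constructed sample input, not taken from the thread
    cat <<'EOF'
lease 192.168.1.50 {
  binding state active;
  client-hostname "Laptop";
}
lease 192.168.1.51 {
  binding state active;
  client-hostname "bad name;";
}
lease 192.168.1.52 {
  binding state active;
  client-hostname "printer";
}
lease 192.168.1.52 {
  binding state free;
}
EOF
}
```

Running `sample_leases | leases_to_zone lan.example` prints the one record that survives validation. The output would go below an operator-maintained zone header before the per-zone `rndc` reload the quoted message describes.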