
Setup Dnsmasq for local network

I use Dnsmasq, a lightweight DNS proxy and DHCP server, for my home network. Install it with apt-get install dnsmasq.

On my server, eth0 is connected to my ADSL modem and gets its address via DHCP from my ISP. eth1 is connected to the wireless access point that our laptops connect to, so we need to configure dnsmasq to listen and serve DHCP on eth1, i.e.,

interface=eth1
dhcp-range=192.168.0.10,192.168.0.50,12h  # the ip range to assign to incoming dhcp request on eth1

This can be scripted in the network interfaces file so that it is added automatically when the interface (or particular network profile) serving DHCP requests is brought up, e.g.,

iface eth1 inet static
        hostname ibao
        address 192.168.10.1
        netmask 255.255.255.0
        # dhcp script
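        # printf rather than echo -e: /bin/sh may be dash, whose echo prints "-e" literally
        up printf 'interface=%s #ADD:%s\ndhcp-range=192.168.10.10,192.168.10.50,12h #ADD:%s\n' "$IFACE" "$IFACE" "$IFACE" >> /etc/dnsmasq.conf
        up /etc/init.d/dnsmasq restart
        # -i -e rather than -ie, which GNU sed reads as -i with backup suffix "e"
        down /bin/sed -i -e "/#ADD:$IFACE/d" /etc/dnsmasq.conf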
        down /etc/init.d/dnsmasq restart

We also need to configure NAT so that packets get delivered properly internally. First enable ip_forward:

net/ipv4/ip_forward=1

which is equivalent to echo 1 > /proc/sys/net/ipv4/ip_forward at startup. Then we need to write iptables rules to masquerade outgoing traffic. This can be scripted in the network interfaces file as well, like so:

# The network interface to the outside
iface eth0 inet dhcp
        hostname frasco
        # iptables
        pre-up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -o $IFACE -j MASQUERADE

There is one more trick: we need to set localhost as a nameserver so the server can resolve the local hostnames dnsmasq assigns. However, external addresses are still resolved by the nameservers from the ISP, so we cannot just prepend localhost to resolv.conf: dnsmasq would go into a self loop and take a long time to resolve any external address. What we can do is tell the server's dhclient, which gets the nameservers from the ISP, to write them to another file, and configure dnsmasq to look in that file for nameservers. More concretely,

  1. replace all instances of /etc/resolv.conf with /etc/resolv.conf-dhcp in /etc/dhcp3/dhclient-script.
  2. in /etc/dnsmasq.conf set resolv-file=/etc/resolv.conf-dhcp
  3. in /etc/resolv.conf have only nameserver 127.0.0.1.

Restart configured interfaces on the server with ifupdown and check if we can still access the network outside.
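The three steps above can be checked before the ping test with a small script. This is an added example, not part of the original post; the function names are made up here, and the sample files are constructed in a temporary directory (192.0.2.53 is a documentation address standing in for an ISP nameserver). On the real server it would be called as check_resolver_chain /etc/resolv.conf /etc/dnsmasq.conf.

```shell
# Added example: verify that the chain
# resolv.conf -> local dnsmasq -> resolv-file has no self loop.

# nameservers FILE: print the address of every "nameserver" line.
nameservers() { awk '$1 == "nameserver" { print $2 }' "$1"; }

# check_resolver_chain RESOLV_CONF DNSMASQ_CONF
# Prints findings; returns 0 when the chain is sound, 1 otherwise.
check_resolver_chain() {
    resolv=$1; conf=$2; rc=0
    # Step 3: the host itself must ask only the local dnsmasq.
    [ -n "$(nameservers "$resolv")" ] || { echo "FAIL: no nameserver in $resolv"; rc=1; }
    for ns in $(nameservers "$resolv"); do
        [ "$ns" = 127.0.0.1 ] || { echo "FAIL: $resolv bypasses dnsmasq via $ns"; rc=1; }
    done
    # Step 2: dnsmasq must take its upstreams from a separate file.
    up=$(sed -n 's/^[[:space:]]*resolv-file=\([^[:space:]#]*\).*/\1/p' "$conf" | tail -n 1)
    if [ -z "$up" ] || [ "$up" = "$resolv" ]; then
        echo "FAIL: dnsmasq reads upstreams from ${up:-the default /etc/resolv.conf}"
        return 1
    fi
    # Step 1: that file must hold at least one real (non-loopback) upstream.
    real=0
    for ns in $(nameservers "$up" 2>/dev/null); do
        case $ns in 127.*|::1) ;; *) real=1 ;; esac
    done
    [ "$real" -eq 1 ] || { echo "FAIL: no non-loopback upstream in $up"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: $resolv -> dnsmasq -> $up"
    return "$rc"
}

# Constructed sample files mirroring the three steps.
demo=$(mktemp -d)
printf 'nameserver 127.0.0.1\n' > "$demo/resolv.conf"
printf 'nameserver 192.0.2.53\n' > "$demo/resolv.conf-dhcp"
printf 'interface=eth1\nresolv-file=%s\n' "$demo/resolv.conf-dhcp" > "$demo/dnsmasq.conf"
check_resolver_chain "$demo/resolv.conf" "$demo/dnsmasq.conf"
rm -rf "$demo"
```

A FAIL on step 2 is the self-loop case: dnsmasq and the system resolver would be reading the same file.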

On the client side, just configure the interface to use DHCP:

# home
iface home inet dhcp
        hostname frasco
        # wireless options...

Bring it up with ifup eth1=home and it should get an IP from our server. On the server, the DHCP leases given out are recorded in /var/misc/dnsmasq.leases; check it and we should see the client there. Now do the ping test on the client.

2 Responses to “Setup Dnsmasq for local network”

  1. ralph Says:

    Hi. It works beautifully!

    However after doing this, I can easily ping outside servers from internal computers but I still can’t surf … Why?

  2. anniec Says:

    Do you have proxy settings in your browser? If so, you should turn it off. Next I would check your iptables rules.
