DNSMasq local DNS

[JoQ]

Hi,

I have an AC68U with Merlin's software.

My goal is to be able to access different services from my server, which all has the same IP, 192.168.1.2.
I want to be able to access my nginx webserver by visiting web.lan, and another webserver by visiting web2.lan and Sonarr with sonarr.lan etc.

I have read in a guide that this is possible with OpenMediaVault which is my NAS software:
http://forum.openmediavault.org/ind...ess-through-prefix-hostname-Nginx-Proxy-pass/

One thing I need is to use DNS local resolver according to the above guide.

I found this:
https://github.com/RMerl/asuswrt-merlin/wiki/Custom-domains-with-dnsmasq

Which I followed and somehow managed to break my internet completely, couldn't access the router. No connection and was not able to reset the router. But after a long time I managed to reset it and setup everything again.
So I don't want to make the same mistakes.

How do I do this?

Add the following to dnsmasq.conf.add?
address=/web.lan/web2.lan/sonarr.lan/192.168.1.2

Is this correct?

 

[thelonelycoder]

Since all you want is pointing your *.lan tld's to the IP, this is a valid entry for your dnsmasq.conf.add:

address=/lan/192.168.1.2

Then restart dnsmasq via telnet/ssh or reboot router:

service restart_dnsmasq

Now all your devices looking for a *.lan domain will be pointed to the routers web server IP and resolved by the web server installed.

Edit:
If you want to point them at different IP's, leave out the above wildcard pointer and set directives one per line, like so:
address=/firstdomain.lan/192.168.1.2
address=/seconddomain.lan/192.168.1.3

 

[JoQ]

Since all you want is pointing your *.lan tld's to the IP, this is a valid entry for your dnsmasq.conf.add:

address=/lan/192.168.1.2

Then restart dnsmasq via telnet/ssh or reboot router:

service restart_dnsmasq

Now all your devices looking for a *.lan domain will be pointed to the routers web server IP and resolved by the web server installed.

Thank you, but how would I do to point like web.lan or sonarr.lan to the correct service? How does it know which is which? Is this done via NGinx reverse?
Because the reason I want to do this is to be able to use my web domains to link to my servers services (which are all run on the same server and ports 80/443).

Edit: And because I have a few domains, which I want to link directly to my Nginx webserver, can I somehow do this locally with DNSMasq? Like www.domain1.com takes me to web1.lan and www.domain2.com takes me to web2.lan?
I use the asuscomm.com adress to access my server from the outside.

Thank you!

 

[thelonelycoder]

Thank you, but how would I do to point like web.lan or sonarr.lan to the correct service? How does it know which is which? Is this done via NGinx reverse?
Because the reason I want to do this is to be able to use my web domains to link to my servers services (which are all run on the same server and ports 80/443).

As I said, the server will sort it out for you, as you have to create virtual hosts for each domain.

 

[thelonelycoder]

Edit: And because I have a few domains, which I want to link directly to my Nginx webserver, can I somehow do this locally with DNSMasq? Like www.domain1.com takes me to web1.lan and www.domain2.com takes me to web2.lan?
I use the asuscomm.com adress to access my server from the outside.

Since the user script is called dnsmasq.conf.add I would assume that Dnsmasq is somehow involved in that...

 

[JoQ]

As I said, the server will sort it out for you, as you have to create virtual hosts for each domain.

But isn't this
address=/lan/192.168.1.2
The same thing as RT-AC68U's Domain Name under LAN settings, if this is set to lan?

 

[thelonelycoder]

But isn't this
address=/lan/192.168.1.2
The same thing as RT-AC68U's Domain Name under LAN settings, if this is set to lan?

I think you need to read up on nginx configuration first. Of couse, your webserver MAY NOT run on the same IP as your router's WebUI.
This involves creating a virtual interface for your web server and assigning an IP outside of the DHCP pool.

And of course, you can play havoc in you LAN with an entry such as this:

address=/google.com/192.168.1.3

 

[JoQ]

I think you need to read up on nginx configuration first. Of couse, your webserver MAY NOT run on the same IP as your router's WebUI.
This involves creating a virtual interface for your web server and assigning an IP outside of the DHCP pool.

And of course, you can play havoc in you LAN with an entry such as this:

address=/google.com/192.168.1.3

I just tried everything, and I followed this guide completely:
https://github.com/RMerl/asuswrt-merlin/wiki/Custom-domains-with-dnsmasq
And I added this to the dnsmasq.conf.add
address=/lan/192.168.1.2

And
service restart_dnsmasq

The result. No internet connection and wired connection was broken. Tried rebooting router. Cannot access it via ethernet at all. Still connected with phone to wifi and was able to use a Telnet app to delete the line from dnsmasq.conf.add. Restarted dnsmasq and everything was back to normal.
So what am I doing wrong?
The dnsmasq.conf.add only consists of this line:
address=/lan/192.168.1.2
Also followed the guide "To save and quit editor quit typing with ESC and write :wq and hit ENTER"

The only setting I was unsure of was this one:
Advertise routers IP in addition to user specified DNS
Which I set to disabled.

Any ideas? Using Merlin 380.63_2

 

[ColinTaylor]

What happens if you use the line you originally suggested

address=/web.lan/web2.lan/sonarr.lan/192.168.1.2

 

[thelonelycoder]

The result. No internet connection and wired connection was broken. Tried rebooting router. Cannot access it via ethernet at all. Still connected with phone to wifi and was able to use a Telnet app to delete the line from dnsmasq.conf.add. Restarted dnsmasq and everything was back to normal.
So what am I doing wrong?
The dnsmasq.conf.add only consists of this line:
address=/lan/192.168.1.2
Also followed the guide "To save and quit editor quit typing with ESC and write :wq and hit ENTER"

What does a ping say if you do it without the entry in the dnsmasq.conf.add?
If you ping from a connected device for, say sonarr.lan, does it resolve somewhere?
Also, what is your router's IP? It cannot be the same as the one you enter into th conf file.
And is there a (Router Model) Domain Name in the LAN/DHCP Server/ field?

The samples I posted work flawless for years for me, for several local (physical) servers.

 

[eddiez]

What does a ping say if you do it without the entry in the dnsmasq.conf.add?
If you ping from a connected device for, say sonarr.lan, does it resolve somewhere?
Also, what is your router's IP? It cannot be the same as the one you enter into th conf file.
And is there a (Router Model) Domain Name in the LAN/DHCP Server/ field?

The samples I posted work flawless for years for running:

me, for several local (physical) servers.

This is my setup with internal dns server, but with wpad.dat on Asus router. The DNS server on my Synology has the A records set for the internal*.lan addresses. Works, all are pingable. Code in jffs/scripts/dnsmasq.postconf:
-----------------------------
#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

IP=192.168.1.1
DOMAIN=lan

pc_append "address=/wpad/$IP" $CONFIG
pc_append "address=/wpad.$DOMAIN/$IP" $CONFIG
pc_append "address=/proxy/$IP" $CONFIG

pc_replace 'dhcp-option=lan,252,"\n"' 'dhcp-option=lan,252,"http://wpad.'$DOMAIN'/wpad.dat"' $CONFIG

 

[JoQ]

What does a ping say if you do it without the entry in the dnsmasq.conf.add?
If you ping from a connected device for, say sonarr.lan, does it resolve somewhere?
Also, what is your router's IP? It cannot be the same as the one you enter into th conf file.
And is there a (Router Model) Domain Name in the LAN/DHCP Server/ field?

The samples I posted work flawless for years for me, for several local (physical) servers.

"C:\Users\Joakim>ping sonarr.lan
Ping request could not find host sonarr.lan. Please check the name and try again."

Routers IP is 192.168.1.1 and servers IP is 192.168.1.2 which I put in the conf file.

I have put "lan" in RT-AC68U's Domain Name, does this interfere?

 

[ColinTaylor]

@eddiez I don't think your configuration can help us at the moment because it's only dealing with proxy auto-configuration. The current issue appears to be with name resolution.

"C:\Users\Joakim>ping sonarr.lan
Ping request could not find host sonarr.lan. Please check the name and try again."

Routers IP is 192.168.1.1 and servers IP is 192.168.1.2 which I put in the conf file.

We'd need to know what is currently in your dnsmasq configuration to understand the output. Also, it would be more useful if you did "nslookup sonarr.lan" rather than a ping.

I have put "lan" in RT-AC68U's Domain Name, does this interfere?

There was a bug reported here with domains that are 3,4 or 8 characters long. It doesn't sound like it's your problem, but you never know. Try temporarily changing it to something like "mylan" for testing purposes.

 

[eddiez]

@eddiez I don't think your configuration can help us at the moment because it's only dealing with proxy auto-configuration. The current issue appears to be with name resolution.

We'd need to know what is currently in your dnsmasq configuration to understand the output. Also, it would be more useful if you did "nslookup sonarr.lan" rather than a ping.

There was a bug reported here with domains that are 3,4 or 8 characters long. It doesn't sound like it's your problem, but you never know. Try temporarily changing it to something like "mylan" for testing purposes.

It also relies on the internal DNS configuration.
Was
DNS and WINS Server Setting
DNS Server 1 = Internal DNS server IP
DNS Server 2 = Empty

set correctly in http://192.168.1.1/Advanced_DHCP_Content.asp ?

 

[JoQ]

@eddiez I don't think your configuration can help us at the moment because it's only dealing with proxy auto-configuration. The current issue appears to be with name resolution.

We'd need to know what is currently in your dnsmasq configuration to understand the output. Also, it would be more useful if you did "nslookup sonarr.lan" rather than a ping.

There was a bug reported here with domains that are 3,4 or 8 characters long. It doesn't sound like it's your problem, but you never know. Try temporarily changing it to something like "mylan" for testing purposes.

I have now tried again according to your answers.
Here is the nslookup before editing the dnsmasq.conf.add
C:\Users\Joakim>nslookup sonarr.lan
Server: router.asus.com
Address: 192.168.1.1
*** router.asus.com can't find sonarr.lan: Non-existent domain

After this I tried the suggested address=/web.lan/web2.lan/sonarr.lan/192.168.1.2 to dnsmasq.conf.add (which by the way is the only line in this file).
C:\Users\Joakim>nslookup sonarr.lan
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

I have changed RT-AC68U's Domain Name to "local" from "lan".
Still got the exact same problems!

 

[ColinTaylor]

Can you post the output of

ipconfig /all

 

[JoQ]

Can you post the output of

ipconfig /all

C:\Users\Joakim>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : local

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : local
   Description . . . . . . . . . . . : This Killer Ethernet Controller connects you to the network.
   Physical Address. . . . . . . . . : 74-D4-35-E9-FE-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4ce0:868d:3d5e:bc61%17(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : den 28 mars 2017 19:20:06
   Lease Expires . . . . . . . . . . : den 29 mars 2017 19:32:26
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 91542581
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-76-31-1B-74-D4-35-E9-FE-66
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.local:

   Connection-specific DNS Suffix  . : local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.3%11(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 218103808
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-76-31-1B-74-D4-35-E9-FE-66
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Bluetooth-nätverksanslutning:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-1A-7D-DA-71-0A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2c62:3317:ac1d:2417(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2c62:3317:ac1d:2417%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-76-31-1B-74-D4-35-E9-FE-66
   NetBIOS over Tcpip. . . . . . . . : Disabled

Hope I don't post anything sensitive?

 

[ColinTaylor]

I think the problem might be that you have both of these

   DNS Suffix Search List. . . . . . : local
   Connection-specific DNS Suffix  . : local

Which means (IIRC) that it's adding .local.local onto the end of hostnames when you do a lookup.

I'd guess that you have manually set the domain for the (entire) PC. And the router is automatically supplying the connection-specific suffix. There are various different ways to correct this depending on your chosen network design.

 

[JoQ]

I think the problem might be that you have both of these

   DNS Suffix Search List. . . . . . : local
   Connection-specific DNS Suffix  . : local

Which means (IIRC) that it's adding .local.local onto the end of hostnames when you do a lookup.

I'd guess that you have manually set the domain for the (entire) PC. And the router is automatically supplying the connection-specific suffix. There are various different ways to correct this depending on your chosen network design.

Ok, I understand the problem. But not really how to solve it?
Should I remove local from RT-AC68U's Domain Name?

 

[ColinTaylor]

Ok, I understand the problem. But not really how to solve it?
Should I remove local from RT-AC68U's Domain Name?

Oops. Sorry, ignore my previous post. I mis-read one of the lines. I read "DNS Suffix Search List" as "Primary Dns Suffix".