Gentoo Forums
another dnsmasq & vpnc question
zatalian
Apprentice


Joined: 27 Aug 2002
Posts: 179
Location: Gent, Belgium

Posted: Sun Sep 16, 2007 5:00 pm    Post subject: another dnsmasq & vpnc question

I know there are a lot of topics on this but I couldn't find an answer to my question.

I have a normal ISP and a VPN connection to my work.
I get the nameservers from my ISP in /etc/resolvconf/run/interfaces/eth0

Code:
# Generated by dhcpcd for interface eth0
search telenet.be
nameserver 195.130.130.130
nameserver 195.130.129.162


When I start vpnc I get the nameservers of my work in /etc/resolvconf/run/interfaces/hogent

Code:
nameserver 193.190.126.26
nameserver 193.191.155.1
domain hogent.be


resolvconf combines these 2 files into something like this:

Code:
search telenet.be hogent.be
nameserver 195.130.130.130
nameserver 195.130.129.162
nameserver 193.190.126.26


to which /etc/resolv.conf was linked. That did not work; the names from the internal network of my work did not resolve. So I installed dnsmasq. I used the following options:

Code:

domain-needed
bogus-priv
resolv-file=/etc/resolvconf/run/interfaces/eth0
strict-order
server=/vpn-pers.hogent.be/195.130.130.130
server=/.hogent.be/193.190.126.26
server=/.hogent.be/193.191.155.1


But I have 2 problems with this solution:

1. I don't like the fact that I have to type the nameservers of my work in the config file. I would prefer something like the resolv-file option that reads the nameservers from my ISP.

2. My work has a lot of names that are public (like vpn-pers.hogent.be, but also mail-in.hogent.be, mail-out.hogent.be, ...). Those names don't work with the nameservers from my ISP anymore, unless I create a line like the one for the vpn-pers.hogent.be name.

What I would like from dnsmasq is that it only looks at the nameservers from my work if it can't resolve a name with the servers from my ISP. Is that possible? I also would like dnsmasq to look at the file /etc/resolvconf/run/interfaces/hogent
zatalian
Apprentice


Joined: 27 Aug 2002
Posts: 179
Location: Gent, Belgium

Posted: Thu Oct 04, 2007 10:58 am

Today, a solution was posted on the vpnc mailing list which solved all my dns problems!! It involves using dbus to add the vpn dns servers dynamically to the dnsmasq server when the connection is made.

http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2007-October/001875.html
UberLord
Retired Dev


Joined: 18 Sep 2003
Posts: 6835
Location: Blighty

Posted: Thu Oct 04, 2007 2:26 pm

resolvconf-gentoo + openvpn + dnsmasq works like that in Gentoo also.

The difference is that openvpn writes to the "domain" bit in /etc/resolv.conf and the scripts know that queries for that domain go to the DNS servers listed by openvpn, and everything else doesn't.
http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openvpn/files/up.sh?rev=1.12&view=markup

So you may want to consider writing a similar script for vpnc and donating it to Gentoo.
That way vpnc doesn't have to know about dnsmasq, it just lets resolvconf handle everything.

Works quite well:)
_________________
Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool
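
The per-domain routing described in this thread, as an added example that is not code from the posters, vpnc or Gentoo's up.sh: a shell function that reads a resolvconf interface file such as /etc/resolvconf/run/interfaces/hogent and prints the matching dnsmasq `server=/domain/ip` lines, so only names under the VPN's domain are sent to the work resolvers. The function names are hypothetical, and it assumes the zone is taken from the file's `domain` line only.

```shell
#!/bin/sh
# Added example (not from the thread): derive dnsmasq per-domain forwarders
# from a resolvconf interface file. The function names are hypothetical.

resolv_to_dnsmasq() {
    # $1: resolv.conf-style file; reads standard input when omitted.
    awk '
        { sub(/#.*/, "") }                      # drop comments
        # Values come from the VPN peer, so accept only address-shaped
        # nameservers and hostname-shaped domains before emitting config.
        $1 == "nameserver" && $2 ~ /^[0-9A-Fa-f:.]+$/ { ns[++n] = $2 }
        $1 == "domain" && $2 ~ /^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$/ {
            dom = $2                            # last "domain" line wins
        }
        END {
            # Without a "domain" line (the eth0 file only has "search")
            # the servers are general purpose: emit nothing for them.
            if (dom == "") exit 0
            for (k = 1; k <= n; k++)
                printf "server=/%s/%s\n", dom, ns[k]
        }
    ' "${1:--}"
}

# Sample input: the VPN interface file quoted in the first post, plus one
# constructed malformed nameserver line that has to be dropped.
sample_vpn_file() {
    printf '%s\n' \
        'nameserver 193.190.126.26' \
        'nameserver 193.191.155.1' \
        'nameserver 10.0.0.1/example.org' \
        'domain hogent.be'
}

sample_vpn_file | resolv_to_dnsmasq
```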