Configuring a Linux Wireless Access Point (Page 1 of 4 )
4.3 Setting Up Name Services
Problem
Your LAN is going to have a combination of hosts with static IP addresses and DHCP clients that come and go, especially wireless clients. And, you want DHCP clients to automatically be entered into DNS so they can be accessed by hostname just like the hosts with static IP addresses.
Solution
You don’t want much. Fortunately, you can have it all. Pyramid comes with dnsmasq, which handles DHCP and DNS, and automatically enters DHCP clients into DNS. This requires the clients to send their hostnames when they are requesting a DHCP lease. Windows clients do this by default. Most Linux clients do not, so go to Recipe 4.5 to learn about client configuration.
Now, we’ll edit /etc/dnsmasq.conf on your Pyramid box. First make the filesystem writeable by running/sbin/rw. Copy this example, using your own network name instead of alrac.net, whatever DHCP range you prefer, and your own upstream nameservers:
pyramid:~# /sbin/rw
pyramid:~# nano /etc/dnsmasq.conf
domain-needed
bogus-priv
local=/alrac.net/
expand-hosts
domain=alrac.net
interface=br0
listen-address=127.0.0.1
#upstream nameservers
server=22.33.44.2
server=22.33.44.3
dhcp-range=lan,192.168.1.100,192.168.1.200,12h
dhcp-lease-max=100
Next, add all of your hosts that already have static IP addresses to /etc/hosts on your Pyramid box, using only their hostnames and IP addresses. At a minimum, you must have an entry for localhost and your Pyramid router:
## /etc/hosts
127.0.0.1 localhost
192.168.1.50 pyramid
192.168.1.10 xena
192.168.1.74 uberpc
Restart dnsmasq:
pyramidwrap:~# killall dnsmasq
To test your new nameserver, ping your LAN hosts from each other:
$ ping pyramid
$ ping xena
$ ping uberpc
You should see responses like this:
PING pyramid.alrac.net (192.168.1.50) 56(84) bytes of data.
64 bytes from pyramid.alrac.net (192.168.1.50): icmp_seq=1 ttl=64 time=0.483 ms
64 bytes from pyramid.alrac.net (192.168.1.50): icmp_seq=2 ttl=64 time=0.846 ms
You should be able to ping both wired and wireless clients, and DHCP clients should be entered automatically into the DNS table as well.
Finally, verify that their domain names are correctly assigned by DNS:
$ hostname
xena
$ hostname -f
xena.alrac.net
$ dnsdomainname
alrac.net
Discussion
Pyramid Linux mounts a number of files into a temporary, writeable filesystem, like /etc/resolv.conf. You can see which ones they are by looking in /rw, or running ls -l /etc to see which ones are symlinked to /rw. These are copied over from /ro on boot. It’s designed to keep flash writes down. So, you can either edit /ro, or make the files in /etc immutable.
dnsmasq.conf crams a lot of functionality into a few lines, so let’s take a closer look:
domain-needed
Do not forward requests for plain hostnames that do not have dots or domain parts to upstream DNS servers. If the name is not in /etc/hosts or DHCP, it returns a “not found” answer. This means that incomplete requests (for example, “google” or “oreilly” instead of google.com or oreilly.com) will be cut off before they leave your network.
bogus-priv
Short for “bogus private lookups.” Any reverse lookups for private IP ranges (such as 192.168.x.x) are not forwarded upstream. If they aren’t found in /etc/hosts, or the DHCP leases file, “no such domain” is the answer. Usingdomain-neededandbogus-privare simple options for practicing good Netizenship.
local=/alrac.net/
Put your local domain name here so queries for your local domain will only be answered from /etc/hosts and DHCP, and not forwarded upstream. This is a nice bit of magic that lets you choose any domain name for your private network and not have to register it. To make this work right, you also need theexpand-hostsanddomainoptions.
expand-hosts
This automatically adds the domain name to the hostnames.
domain=alrac.net
expand-hostslooks here for the domain name.
interface
Define which interface dnsmasq should listen to. Use one line per interface, if you have more than one.
listen-address=127.0.0.1
This tells dnsmasq to also use its own local cache instead of querying the upstream nameservers for every request. This speeds up lookups made from the router, and it also allows the router to use your local DNS. You can verify this by pinging your LAN hosts from the router by their hostnames or FQDNs.
server
The server option is used for several different purposes; here, it defines your upstream DNS servers.
dhcp-range=lan,192.168.1.100,192.168.1.200,12h
Define your pool of DHCP leases and lease time, and define a network zone called “lan.” Using named zones lets you assign servers and routes to groups of clients and different subnets; see Recipe 3.13 to see this in action.
dhcp-max-lease
Maximum limit of total DHCP leases. The default is 150. You may have as many as your address range supports.
See Also
Recipe 4.12 for an example of using named zones
man 8 dnsmasq contains a wealth of helpful information about all the available command-line options, many of which are also dnsmasq.conf options
dnsmasq.conf is also a great help resource
dnsmasq home page is where you’ll find mailing list archives and excellent help documents: http://www.thekelleys.org.uk/dnsmasq/doc.html
Chapter 24, “Managing Name Resolution,” in Linux Cookbook, by Carla Schroder (O’Reilly)
