Restrict DNS to given interface?
Ed W
Tue Aug 14 22:06:02 2012
Hi, DNSMasq has an option to restrict the use of a DNS server to a specific interface (format is server=1.2.3.4@eth1).
For several situations I would like to limit my DNS as far as possible to specific upstream servers; however, in the case of captive portals and wifi access it's often necessary to compromise and allow some new DNS server to be used since others might be blocked. I would like to avoid "tainting" traffic by avoiding that DNS server where I can.
Ideally this is a feature request that dhcpcd can be set to restrict DNS to just that interface and in turn it indicates this to openresolv, which in turn would only support this on the subset of resolvers which can limit requests by interface.
I'm not actually sure that this isn't a very common use case for the situation of having a globally accessible DNS (OpenDNS/GoogleDNS/Something Else), but various interfaces are trying to add additional DNS servers. E.g. adding my 3G data card as an available backup route is currently adding those DNS entries even though I might be using a DSL line at present. DNSmasq is smart enough to latch on to the "fastest responding server", but in the event that not all DNS servers are the same, then I would prefer to lock the 3G DNS server to only be available over that 3G connection.
Would you consider such a feature request? Is there some existing ability that I might have overlooked that can implement this?
Thanks
Ed W