[clug] Two networks, separate DNS: Fake Root?

Alex Satrapa grail at goldweb.com.au
Wed May 19 18:30:03 MDT 2010


On 20/05/2010, at 10:03, Alex (Maxious) Sadleir wrote:

> Perhaps I'm misunderstanding your requirements but this seems to be
> one of the major use cases for dnsmasq :)

Yup, you're missing the specific use case: the lab network cannot see the other network since there is specifically and intentionally no route between the two networks.

> From the man page "Dnsmasq accepts DNS queries and either answers them
> from a small, local, cache or forwards them to a real, recursive, DNS
> server.

To do this, dnsmasq must have access to the upstream network.  Having dnsmasq on the machine that is dual-homed could solve the problem, at the cost of the lab network being locked to this particular setup.  The catch there is that the dual-homed machine uses DHCP to get an address for its wireless connection to the lab network.

On 20/05/2010, at 10:17, Jeff wrote:

> If it's just the one box (your host) you could edit /etc/hosts. Alternatively, if you want other machines on your local network to be able to find these hosts you may need to add authoritative entries in the local dns server for the .lan zone.

I think the simplest solution for me by far is to add entries in /etc/hosts for just the devices on the ".lan" network. At present there are three devices, which will expand to about ten later on (maybe).

> I'm guessing that you neither need nor want different dns views, i.e. having the same name resolve to different IP addresses based on your source address. Unfortunately, I'm not familiar with dnsmasq, but from a quick scan of the man page I'm guessing you can either add the hosts to /etc/hosts or

No, I'm not looking for "split horizon" DNS which resolves the same name to different addresses depending on which side of a network border you're querying from. I'm looking for a way to resolve names under one TLD from one set of DNS servers (in this case, 1 server), and names for every other TLD from the "normal" DNS that every other computer on my "normal" network uses.

From memory I could do this using Bind on my local machine to serve up a fake root file, which mirrors the normal roots, but knows to forward queries for the ".lan" TLD to that server sitting in the blue box on my desk.

But given the task at hand, perhaps manually maintaining the /etc/hosts file on the dual-homed computer is the simplest option in terms of the time required to get the functionality required. Said functionality being that "ssh openwrt.lan" gets me a shell on the blue box on my desk, while "ssh xyz.example.com" gets me a shell on that other machine I have located out there on The Internet somewhere. Now that I think of it, most other devices that I'm interested in connecting to are able to run Avahi, so I barely even need DNS on the lab network anyway: just use "xyz.local" to connect to the other bits and bobs.

Once again, I've ended up looking for the most complicated possible solution to a problem when the simple answer was right under my nose. One entry in /etc/hosts for openwrt.local, use mDNS for everything else :)

Thanks to everyone who offered advice!

Alex
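For anyone who does want the dnsmasq route rather than /etc/hosts: the per-TLD forwarding discussed above is one line of config. The fragment below is an added illustration, not from anyone in this thread; it assumes dnsmasq runs on the dual-homed machine (as noted above, it has to), and the addresses are made-up documentation-range placeholders for the blue box and the normal resolver.

```ini
# /etc/dnsmasq.conf on the dual-homed machine (constructed example).
# Assumed addresses (documentation ranges, not from the thread):
#   192.0.2.1      the OpenWrt "blue box", serving the .lan names on the lab side
#   198.51.100.53  the normal upstream resolver every other machine uses

# Answer only this host; do not become a resolver for either network.
listen-address=127.0.0.1
bind-interfaces

# Ignore /etc/resolv.conf; upstream servers come from this file only.
no-resolv

# Queries for names ending in .lan go to the lab router and nowhere else.
# Because it is matched on the suffix, the lab box never sees (or can
# answer for) queries about any other domain.
server=/lan/192.0.2.1

# Everything else goes to the normal resolver.
server=198.51.100.53

# Never forward single-label names or RFC 1918 reverse lookups upstream.
domain-needed
bogus-priv

# /etc/hosts is still read first, so an entry for openwrt.lan keeps working
# even when the lab network is not attached.
```

With this in place the host's own /etc/resolv.conf needs only `nameserver 127.0.0.1`; "ssh openwrt.lan" is then answered by the lab box and "ssh xyz.example.com" by the normal resolver, with no change to either network.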


