You are not logged in.
- Topics: Active | Unanswered
#1 2017-12-06 03:53:16
- andreab82
- Member
- Registered: 2017-12-06
- Posts: 4
resolv.conf - different nameservers based on domains?
Hi,
I'm trying to solve this problem on my laptop where I cannot resolve local (LAN) domains/machines after connecting to my company's VPN.
Let me show you the problem.
Step 1:
I connect to my local wireless and this is what my /etc/resolv.conf file looks like:
$ cat /etc/resolv.conf
# Generated by resolvconf
search home
nameserver 10.55.61.1I can now ping local domains/machines:
$ ping willy
PING willy.home (10.55.55.34) 56(84) bytes of data.
64 bytes from willy.home (10.55.55.34): icmp_seq=1 ttl=63 time=1.05 ms
64 bytes from willy.home (10.55.55.34): icmp_seq=2 ttl=63 time=1.61 msStep 2:
I connect to the company VPN and my resolv.conf gets modified like this:
$ cat /etc/resolv.conf
# Generated by resolvconf
search company.int home
nameserver 10.251.11.12
nameserver 10.55.61.1Now I cannot ping local domains/machines any longer, as the company name server (10.251.11.12) is the only one used.
Is there a way so that I can resolve local domains/machine names even after having connected to the company VPN please?
At the moment the main questions I have in mind as possible ways to solve the problem are:
- whether I should run a local name server on my laptop (even though I'm not sure how it would help at this stage);
- whether resolvconf.conf is the piece of software which will save me (once I understood how to configure it).
Any suggestion to point me in the right direction would be much appreciated.
Regards,
Andrea
Offline
#2 2017-12-06 05:01:23
- GenkiSky
- Member
- From: This account is henceforth dis
- Registered: 2017-04-04
- Posts: 82
Re: resolv.conf - different nameservers based on domains?
Did you confirm somehow that it's a DNS issue and not a routing issue? E.g. did you try pinging that LAN ip address directly? What is your ip route before and after? Also just for sanity's sake, what happens if you ping willy.home rather than just willy?
Offline
#3 2017-12-06 10:04:18
- andreab82
- Member
- Registered: 2017-12-06
- Posts: 4
Re: resolv.conf - different nameservers based on domains?
Hi,
Yes, the routing is fine.
Now I am connected to the company VPN and:
$ ping willy
ping: willy: Name or service not known
$ ping willy.home
ping: willy.home: Name or service not knownWhile if I ping the IP directly of willy.home I get:
$ ping 10.55.55.34
PING 10.55.55.34 (10.55.55.34) 56(84) bytes of data.
64 bytes from 10.55.55.34: icmp_seq=1 ttl=63 time=1.67 ms
64 bytes from 10.55.55.34: icmp_seq=2 ttl=63 time=1.78 msThis is simply because when trying to resolve willy/willy.home/(anything else in my LAN) my laptop asks "10.251.11.12", which is the company name server and obviouly knows nothing about my personal LAN.
Thanks,
Andrea
Offline
#4 2017-12-06 10:39:39
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,190
Re: resolv.conf - different nameservers based on domains?
I believe you can run a local resolver like dnsmasq.
Then prepend the local resolver in resolvconf.conf with "name_servers"
Alternatively set /etc/resolv.conf to dnsmasq,
In resolvconf.conf change resolve_conf to e.g. dns.servers
In dnsmasq.conf set resolv-file to dns.servers
https://wiki.archlinux.org/index.php/Dn … esolv.conf
http://jlk.fjfi.cvut.cz/arch/manpages/m … onf.conf.5
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
#5 2017-12-06 11:09:58
- rsmarples
- Member
- Registered: 2009-05-12
- Posts: 287
Re: resolv.conf - different nameservers based on domains?
openresolv configuration examples:
https://roy.marples.name/projects/openresolv/config
I personally use and recommend unbound because there is no compile requirement like dbus to get optimal usage.
Offline
#6 2017-12-07 04:30:54
- andreab82
- Member
- Registered: 2017-12-06
- Posts: 4
Re: resolv.conf - different nameservers based on domains?
Hi,
Thank you very much for the tips and links.
I had a quick look at unbound (which I am really interested in) but I could not figure out what I needed fast enough.
I tried to start dnsmasq but I can't start it as another service is using port 53 (I think it's because of some VLAN I have running for some other VMs).
And, even if I get this to work, I'll have to figure out how to configure it.
I'll get back to this as soon as I have some time to dedicate to study the different solutions.
Again, thank you very much for your support.
I hope to get it sorted soon.
Regards,
Andrea
Offline
#7 2017-12-23 09:50:45
- andreab82
- Member
- Registered: 2017-12-06
- Posts: 4
Re: resolv.conf - different nameservers based on domains?
Hi,
Just to give you a quick update on this, I finally found the time to investigate the solutions proposed above.
I managed to setup unbound on my laptop.
For everyone's benefit, /etc/resolv.conf simply looks like this:
search company.int home
nameserver 127.0.0.1"company.int" is added/removed automatically when I connect/disconnect from the company VPN.
While the main unbound config looks like this:
server:
use-syslog: yes
username: "unbound"
directory: "/etc/unbound"
trust-anchor-file: trusted-key.key
module-config: iterator
do-not-query-localhost: no
verbosity: 1
access-control: 127.0.0.0/8 allow
do-ip6: no
forward-zone:
name: "home"
forward-addr: 10.55.55.1
forward-zone:
name: "company.int"
forward-addr: 10.100.1.10
forward-addr: 10.100.1.11Thank you all for the help.
Regards,
Andrea
Offline