Using dnsmasq to service multiple subnets
I'm pretty new to using dnsmasq, and I would like to keep utilizing it in my lab environment. However, being new, I am unsure what commands/files to use. I've spent two days doing research and learning how my environment was configured, and I am willing to redo the whole vm at this point.
End state: I would like to configure the vm running dnsmasq to be able to serve as both the DNS and DHCP server for three vlans, each with their own subnet.
My environment:
- VMware vm with ubuntu 14.04 server with three virtual NICs
- Each NIC is assigned to a vmware distributed switch port group and the distributed switch has the vlans trunked to it
- Each port group is assigned one vlan
- The three (sample) subnets are 10.1.1.0/24, 10.2.1.0/24, and 10.2.2.0/24
- The router is a Cisco Catalyst 3560
Can somebody explain, step-by-step, how to set up dnsmasq to reach the desired end-state? This will not only help me but will allow others to have these instructions for future use.
While I don't want there to be too many environment specific details (to keep it applicable to a wider audience), let me know if there is anything I need to clarify.
What I have tried so far:
Declaring each nic's ip addr, netmask, network, and broadcast in the /etc/networks/interfaces file. I added in the gateway and nameserver options to the first interface, but that doesn't work.
One question/answer that looked promising suggested that I put this in the config: post-up route add 10.2.2.10 via 10.2.2.1 dev eth1, post-up route add 10.1.1.10 via 10.1.1.1 dev eth2, but that didn't work either.
I tried two types of listening in the dnsmasq config, one based on the static IP I assigned the nics and the other to the interface names, which is what I have currently:
interface=eth0
no-dhcp-interface=eth0
interface=eth1
interface=eth2
no-dhcp-interface=eth1
no-dhcp-interface=eth2
I've set option three to specify each gateway as well as the range for each interface:
dhcp-range=eth0,10.2.1.121,10.1.1.249,24h
dhcp-option=eth0,3,10.2.1.1
I had option 6 set, but then I was told to run the command
dnsmasq -y
and I kept getting binding errors, so I commented out that option. However, this is what I had:
dhcp-option=eth0,6,10.2.1.10
As of right now, if I statically give a vm on the 10.1.1.0/24 subnet an addr it can ping the other vms on the other subnets. However when I try to ping 10.1.1.10 (the ip addr assigned to the dnsmasq nic for that subnet) it doesn't resolve. The dnsmasq server still works for the first subnet it was configured for (10.2.1.0/24) but I want to get it working for the other two subnets.
Also, to clarify, when I say it doesn't work, I mean that the test vm I have on one of the new subnets cannot ping its subnet's dns addr and cannot get to the internet.
So, to restate, I want to get what I have to the end state described above, and while I think the community would benefit more from having a step-by-step on how to set this type of environment up for their engineers, all I need is to figure what I need to do to move my current state to the end state.
Thanks for the help in advance!
Solution 1:
I talked to a friend of mine who has dealt with this type of thing before and here is what we did to get the environment to the end-state.
First, I never had to use dnsmasq -y; this worked as soon as I restarted the dnsmasq service and the test VM.
The first thing we did was fix the dnsmasq server. In /etc/network/interfaces, you specify the ip addr you want for that nic, use a netmask of 255.255.255.0, and define the network for that nic. It will look like this:
auto eth1
iface eth1 inet static
address 10.2.2.10
netmask 255.255.255.0
network 10.2.2.0
broadcast 10.2.2.255
The only change is to eth0, in which these three lines were already there. Not sure if they are needed (hopefully someone else can clarify that) but this is what I had added:
up route add default gw 10.2.1.1
dns-search my.lab
dns-nameservers <Corp-DNS-server>
I also removed the two post-up route lines, since they were not needed.
Finally, I needed to fix dnsmasq.conf; here I added the lo interface and commented out the no-dhcp-interface:
interface=lo
interface=eth0
interface=eth1
interface=eth2
#no-dhcp-interface=eth0
#no-dhcp-interface=eth1
#no-dhcp-interface=eth2
That fixed the server. The next thing to achieve the end-state is to configure your router to allow inter-vlan communication. I had already done that prior to this question, but here is an article to do that configuration: http://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html
Lastly, I found that the test vm was not adding in the nameserver to its resolv.conf, so I added a file called tail to /etc/resolvconf/resolv.conf.d/ and simply added the dns server's ip for that subnet:
nameserver 10.1.1.10
Once I finished that, I was able to run apt-get update and ping my dns names. I also then changed the test vm's interface file so it would get a dhcp addr and once I rebooted, it was able to receive dhcp addrs.
I hope this helps everyone! Feel free to leave any comments if you wish for me to clarify.
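A dnsmasq.conf for the three-subnet layout described in this answer, added here as an example and not part of the original post. Assumptions: eth0, eth1 and eth2 sit on 10.2.1.0/24, 10.2.2.0/24 and 10.1.1.0/24 (as the addresses and route lines on the page suggest), each gateway is the .1 address on the Catalyst, the tag names neta/netb/netc are made up, and the .121-.249 pool bounds are reused from the question for all three subnets.

```conf
# /etc/dnsmasq.conf -- added example, not the poster's actual file.

# Answer DNS and DHCP only on loopback and the three VLAN-facing NICs,
# as in the answer above. Anything not listed here is ignored.
interface=lo
interface=eth0
interface=eth1
interface=eth2

# One pool per subnet. dnsmasq picks the pool whose subnet matches the
# address of the interface the request arrived on, so start and end of
# each range must both lie inside that NIC's /24.
# set:<tag> labels the pool so per-subnet options can be attached below.
# (Pool bounds are assumed; adjust to the lab's addressing plan.)
dhcp-range=set:neta,10.2.1.121,10.2.1.249,255.255.255.0,24h
dhcp-range=set:netb,10.2.2.121,10.2.2.249,255.255.255.0,24h
dhcp-range=set:netc,10.1.1.121,10.1.1.249,255.255.255.0,24h

# Option 3 (router). Without it dnsmasq advertises its own address as
# the default gateway, but here routing is done by the layer 3 switch.
dhcp-option=tag:neta,option:router,10.2.1.1
dhcp-option=tag:netb,option:router,10.2.2.1
dhcp-option=tag:netc,option:router,10.1.1.1

# Option 6 (DNS server). These are dnsmasq's own addresses on each
# subnet, which is also what dnsmasq sends by default; they are spelled
# out so each VLAN's clients visibly use the resolver on their own subnet.
dhcp-option=tag:neta,option:dns-server,10.2.1.10
dhcp-option=tag:netb,option:dns-server,10.2.2.10
dhcp-option=tag:netc,option:dns-server,10.1.1.10
```

With option 6 handed out by DHCP, clients that take a lease receive their nameserver automatically, so the resolv.conf.d/tail entry is only needed on statically addressed machines.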