(networking) added sample config for dnsmasq and note on how to enable
routing
This commit is contained in:
scbj
59
dnsmasq.conf
Normal file
59
dnsmasq.conf
Normal file
@@ -0,0 +1,59 @@
|
|||||||
|
# Configuration file for dnsmasq.
|
||||||
|
#
|
||||||
|
# Format is one option per line, legal options are the same
|
||||||
|
# as the long options legal on the command line. See
|
||||||
|
# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
|
||||||
|
|
||||||
|
# Listen on this specific port instead of the standard DNS port
|
||||||
|
# (53). Setting this to zero completely disables DNS function,
|
||||||
|
# leaving only DHCP and/or TFTP.
|
||||||
|
#port=5353
|
||||||
|
|
||||||
|
# The following two options make you a better netizen, since they
|
||||||
|
# tell dnsmasq to filter out queries which the public DNS cannot
|
||||||
|
# answer, and which load the servers (especially the root servers)
|
||||||
|
# unnecessarily. If you have a dial-on-demand link they also stop
|
||||||
|
# these requests from bringing up the link unnecessarily.
|
||||||
|
|
||||||
|
# Never forward plain names (without a dot or domain part)
|
||||||
|
domain-needed
|
||||||
|
# Never forward addresses in the non-routed address spaces.
|
||||||
|
bogus-priv
|
||||||
|
|
||||||
|
# Uncomment this to filter useless windows-originated DNS requests
|
||||||
|
# which can trigger dial-on-demand links needlessly.
|
||||||
|
# Note that (amongst other things) this blocks all SRV requests,
|
||||||
|
# so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
|
||||||
|
# This option only affects forwarding, SRV records originating for
|
||||||
|
# dnsmasq (via srv-host= lines) are not suppressed by it.
|
||||||
|
filterwin2k
|
||||||
|
|
||||||
|
# If you want dnsmasq to listen for DHCP and DNS requests only on
|
||||||
|
# specified interfaces (and the loopback) give the name of the
|
||||||
|
# interface (eg eth0) here.
|
||||||
|
# Repeat the line for more than one interface.
|
||||||
|
interface=enp3s0
|
||||||
|
|
||||||
|
# Set this (and domain: see below) if you want to have a domain
|
||||||
|
# automatically added to simple names in a hosts-file.
|
||||||
|
expand-hosts
|
||||||
|
|
||||||
|
# Set the domain for dnsmasq. this is optional, but if it is set, it
|
||||||
|
# does the following things.
|
||||||
|
# 1) Allows DHCP hosts to have fully qualified domain names, as long
|
||||||
|
# as the domain part matches this setting.
|
||||||
|
# 2) Sets the "domain" DHCP option thereby potentially setting the
|
||||||
|
# domain of all systems configured by DHCP
|
||||||
|
# 3) Provides the domain part for "expand-hosts"
|
||||||
|
domain=quakers
|
||||||
|
|
||||||
|
# Uncomment this to enable the integrated DHCP server, you need
|
||||||
|
# to supply the range of addresses available for lease and optionally
|
||||||
|
# a lease time. If you have more than one network, you will need to
|
||||||
|
# repeat this for each network on which you want to supply DHCP
|
||||||
|
# service.
|
||||||
|
dhcp-range=10.0.0.2,10.0.0.254,12h
|
||||||
|
|
||||||
|
|
||||||
|
# For static ip assignment use the option `dhcp-host`
|
||||||
|
#dhcp-host=11:22:33:44:55:66,192.168.0.60
|
||||||
22
network.md
Normal file
22
network.md
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
# network
|
||||||
|
|
||||||
|
This document holds network related notes.
|
||||||
|
|
||||||
|
<!--toc:start-->
|
||||||
|
- [network](#network)
|
||||||
|
- [enable routing](#enable-routing)
|
||||||
|
<!--toc:end-->
|
||||||
|
|
||||||
|
|
||||||
|
## enable routing
|
||||||
|
|
||||||
|
To enable routing permanently add a file `/etc/sysctl.d/` with the following contents:
|
||||||
|
|
||||||
|
```ini
|
||||||
|
net.ipv4.ip_forward=1
|
||||||
|
```
|
||||||
|
|
||||||
|
## simple gateway with nftables
|
||||||
|
|
||||||
|
> **WARNING:** do not use this configuration for an edge router (directly connected to the internet/isp)!
|
||||||
|
|
||||||
Reference in New Issue
Block a user