(networking) added sample config for dnsmasq and note on how to enable
routing
This commit is contained in:
scbj
59
dnsmasq.conf
Normal file
59
dnsmasq.conf
Normal file
@@ -0,0 +1,59 @@
|
||||
# Configuration file for dnsmasq.
|
||||
#
|
||||
# Format is one option per line, legal options are the same
|
||||
# as the long options legal on the command line. See
|
||||
# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
|
||||
|
||||
# Listen on this specific port instead of the standard DNS port
|
||||
# (53). Setting this to zero completely disables DNS function,
|
||||
# leaving only DHCP and/or TFTP.
|
||||
#port=5353
|
||||
|
||||
# The following two options make you a better netizen, since they
|
||||
# tell dnsmasq to filter out queries which the public DNS cannot
|
||||
# answer, and which load the servers (especially the root servers)
|
||||
# unnecessarily. If you have a dial-on-demand link they also stop
|
||||
# these requests from bringing up the link unnecessarily.
|
||||
|
||||
# Never forward plain names (without a dot or domain part)
|
||||
domain-needed
|
||||
# Never forward addresses in the non-routed address spaces.
|
||||
bogus-priv
|
||||
|
||||
# Uncomment this to filter useless windows-originated DNS requests
|
||||
# which can trigger dial-on-demand links needlessly.
|
||||
# Note that (amongst other things) this blocks all SRV requests,
|
||||
# so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
|
||||
# This option only affects forwarding, SRV records originating for
|
||||
# dnsmasq (via srv-host= lines) are not suppressed by it.
|
||||
filterwin2k
|
||||
|
||||
# If you want dnsmasq to listen for DHCP and DNS requests only on
|
||||
# specified interfaces (and the loopback) give the name of the
|
||||
# interface (eg eth0) here.
|
||||
# Repeat the line for more than one interface.
|
||||
interface=enp3s0
|
||||
|
||||
# Set this (and domain: see below) if you want to have a domain
|
||||
# automatically added to simple names in a hosts-file.
|
||||
expand-hosts
|
||||
|
||||
# Set the domain for dnsmasq. this is optional, but if it is set, it
|
||||
# does the following things.
|
||||
# 1) Allows DHCP hosts to have fully qualified domain names, as long
|
||||
# as the domain part matches this setting.
|
||||
# 2) Sets the "domain" DHCP option thereby potentially setting the
|
||||
# domain of all systems configured by DHCP
|
||||
# 3) Provides the domain part for "expand-hosts"
|
||||
domain=quakers
|
||||
|
||||
# Uncomment this to enable the integrated DHCP server, you need
|
||||
# to supply the range of addresses available for lease and optionally
|
||||
# a lease time. If you have more than one network, you will need to
|
||||
# repeat this for each network on which you want to supply DHCP
|
||||
# service.
|
||||
dhcp-range=10.0.0.2,10.0.0.254,12h
|
||||
|
||||
|
||||
# For static ip assignment use the option `dhcp-host`
|
||||
#dhcp-host=11:22:33:44:55:66,192.168.0.60
|
||||
22
network.md
Normal file
22
network.md
Normal file
@@ -0,0 +1,22 @@
|
||||
# network
|
||||
|
||||
This document holds network related notes.
|
||||
|
||||
<!--toc:start-->
|
||||
- [network](#network)
|
||||
- [enable routing](#enable-routing)
|
||||
<!--toc:end-->
|
||||
|
||||
|
||||
## enable routing
|
||||
|
||||
To enable routing permanently add a file `/etc/sysctl.d/` with the following contents:
|
||||
|
||||
```ini
|
||||
net.ipv4.ip_forward=1
|
||||
```
|
||||
|
||||
## simple gateway with nftables
|
||||
|
||||
> **WARNING:** do not use this configuration for an edge router (directly connected to the internet/isp)!
|
||||
|
||||
Reference in New Issue
Block a user