dnsmasq is capable of being the first DNS for clients and determining which requests should go to the AD controller and which to external DNS. Or, the configuration you describe is also possible.
Where Ravi appears to have gone wrong is in thinking that /etc/resolv.conf addresses would be sent to client. dnsmasq never does that. On Sat, Aug 5, 2017 at 12:35 PM, <wkitt...@gmail.com> wrote: > On 08/05/2017 11:43 AM, /dev/rob0 wrote: > >> Yes, there is an option you can use in dnsmasq.conf to change the >> nameserver[s] given to DHCP clients, but why do you want that? See the >> dnsmasq(8) manual for details. >> > > one possibility is on an AD network where all device DNS lookups go > through the AD controller... the AD controller then talks to dnsmasq > running on the perimeter firewall and handles the lookups to outside DNS > servers... everything inside the AD network being restricted to the AD > network so no individual devices can make lookups outside... they can only > talk to the AD controller for DNS and the AD controller can only talk to > dnsmasq for DNS... the AD controller is not the perimeter device for > traffic headed outside of the AD network... the perimeter firewall running > dnsmasq is, though... > > > -- > NOTE: No off-list assistance is given without prior approval. > *Please keep mailing list traffic on the list unless* > *a signed and pre-paid contract is in effect with us.* > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasqemail@example.com > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasqfirstname.lastname@example.org http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss