On Thu, Dec 22, 2022 at 3:46 PM Michael Smith <mich...@kmaclub.com> wrote:
> I run 2 instances of pihole (DNSmasq) on docker. Each run on their own > IP address (macvlan) separate from the docker host. Their IP addresses > are .2 and .3. > > > The .2 host is primary and forwards upstream to 1.1.1.1. This container > also holds all the hosts file info and handles DHCP+dynamic host DNS > resolution. > > The .3 host is secondary and handles only DNS requests for the kids. > This forwards upstream to 1.1.1.3. If a DNS request comes in for local > domain info, it simply forwards those requests to .2 like this: > > server=/mydomain.com/192.168.101.2 > server=/101.168.192.in-addr.arpa/192.168.101.2 > > > Combine with the tagging and now you can point any client to either > upstream DNS: > > # Define DNS servers > dhcp-option=option:dns-server,192.168.101.2 > dhcp-option=tag:kidsdevices,option:dns-server,192.168.101.3 > > dhcp-host=0c:51:01:95:d3:36,set:kidsdevices # Ipad > dhcp-host=58:41:4E:CD:D2:0A,set:kidsdevices # Iphone > Thanks everybody for the discussion. I ended up doing something like what Michael and Geert described and adding a second IP to my server and running two instances of dnsmasq. The primary instance handles DHCP, uses 1.1.1.2 as its upstream, and tags a handful of devices to use it for DNS: no-resolv server=1.1.1.2 interface=lo interface=eth0 # 10.1.1.32 bind-interfaces dhcp-host=1c:0d:7d:13:9e:3e,set:cf1112 dhcp-option=option:dns-server,10.1.1.33 dhcp-option=tag:cf1112,option:dns-server,10.1.1.32 The secondary instance is just doing DNS and using 1.1.1.3 as its upstream: no-resolv server=1.1.1.3 interface=eth0:1 # 10.1.1.33 except-interface=lo no-dhcp-interface=eth0:1 bind-interfaces Thanks Eric for describing the ways this is insufficient :) I have not been keeping up with all the advancements in the world of DNS. jonathan
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
