add dnsmasq instructions for DNS override

This commit is contained in:
Alexander Bocken 2024-01-03 00:24:06 +01:00
parent 2182cbabd6
commit c7c1dfd44e
Signed by: Alexander
GPG Key ID: 1D237BE83F9B05E8
3 changed files with 84 additions and 3 deletions

80
docs/dnsmasq.md Normal file
View File

@ -0,0 +1,80 @@
# DNSMasq
A simple and lightweight DNS and DHCP server for local development.
Personally I have only yet used this to circumvent NAT Loopback issues with my router, but it can be used for much more.
## Installation
It's a simple
```sh
pacman -S dnsmasq
```
### Configuration
We need to disable the systemd-resolved service, as it will conflict with DNSMasq.
Afterwards we can start the DNSMasq service.
```sh
systemctl disable systemd-resolved.service
systemctl stop systemd-resolved.service
systemctl enable --now dnsmasq.service
```
We can now look into the configuration file at `/etc/dnsmasq.conf` and make changes to our liking.
```conf
listen-address=::1,127.0.0.1,192.168.1.1
```
More cached DNS queries:
```conf
cache-size=1000
```
(max 10000)
DNSSec validation:
```conf
conf-file=/usr/share/dnsmasq/trust-anchors.conf
dnssec
```
## DNS Forwarding
We will most likely not have all wanted DNS entries ourselves and should look these up on a different server.
We can do this by chaning `/etc/resolv.conf` to the following:
```conf
nameserver ::1
nameserver 127.0.0.1
options trust-ad
```
If we want Networkmanager to not overwrite this file, we can set it to immutable:
```sh
chattr +i /etc/resolv.conf
```
then restart Networkmanager:
```sh
systemctl restart NetworkManager.service
```
Now add your upstream DNS servers to `/etc/dnsmasq.conf`:
```conf
no-resolv
# Google's nameservers, for example
server=8.8.8.8
server=8.8.4.4
```
## Address Overrides
For NAT Loopback we need to override the DNS entries for our local network.
For example if we want to direct `cloud.example.com` to our server directly, we can add the following to `/etc/dnsmasq.conf`:
```conf
address=/cloud.example.com/192.168.1.2
```
adjust the IP address to your setup.
After restarting the dnsmasq service, we can check if the DNS entry is correct:
```sh
drill cloud.example.com
```
You can now set this DNS server as your primary DNS server in your router or on your local machine.

View File

@ -252,12 +252,12 @@ You might see in your admin overview (https://cloud.example.com/settings/admin/o
Your remote address was identified as "192.168.1.1" and is bruteforce throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly. Further information can be found in the documentation ↗. Your remote address was identified as "192.168.1.1" and is bruteforce throttled at the moment slowing down the performance of various requests. If the remote address is not your address this can be an indication that a proxy is not configured correctly. Further information can be found in the documentation ↗.
This is because Nextcloud is not able to detect the specific local machine you're connecting from and hence throttles all local connections. This is because Nextcloud is not able to detect the specific local machine you're connecting from and hence throttles all local connections.
The underlying issue is not Nextcloud but your Network setup, specifically your router. The underlying issue is not Nextcloud but your Network setup, specifically your router not allowing for the disabling of NAT Loopback.
Discussion of this problem can be found here: https://help.nextcloud.com/t/all-lan-ips-are-shown-as-the-router-gateway-how-can-i-get-the-actual-ip-address/134872 Discussion of this problem can be found here: https://help.nextcloud.com/t/all-lan-ips-are-shown-as-the-router-gateway-how-can-i-get-the-actual-ip-address/134872
Your solution: Set up a local DNS server and resolve your domain to your local IP address, not the public one. Your solution: Set up a local DNS server and resolve your domain to your local IP address, not the public one.
A simple appraoch would be to use dnsmasq for this.
TODO See [my dnsmasq.md](./dnsmasq.md) for more details on how to set this up.
## Syncing files with Nextcloud ## Syncing files with Nextcloud
They GUI for syncing is surprisingly unusable, luckily the CLI is much better. They GUI for syncing is surprisingly unusable, luckily the CLI is much better.

View File

@ -29,6 +29,7 @@ Happy to accept pull requests for new topics!
- [docker](docs/docker.md) General tips and tricks around the container manager - [docker](docs/docker.md) General tips and tricks around the container manager
- [Searx](docs/Searx.md) A meta searchengine which respects privacy. Arch setup guide. - [Searx](docs/Searx.md) A meta searchengine which respects privacy. Arch setup guide.
- [Nextcloud](docs/Nextcloud.md) A self-hosted cloud solution. Installation (on Arch), configuration, and usage tips. - [Nextcloud](docs/Nextcloud.md) A self-hosted cloud solution. Installation (on Arch), configuration, and usage tips.
- [dnsmasq](docs/dnsmasq.md) A lightweight DNS server with DHCP and TFTP support.
======= =======
- [calcurse sync](docs/calDAV.md) Sync calcurse with you phone etc. - [calcurse sync](docs/calDAV.md) Sync calcurse with you phone etc.