| Ville Skyttä | bf23c8a | 2019-12-05 16:50:57 +0000 | [diff] [blame] | 1 | HOWTO |
| 2 | ===== |
| 3 | dnsmasq comes with the possibility to run multiple systemd service instances on the same machine. |
| 4 | There is the main service which is enabled by default via `systemctl enable dnsmasq.service` and uses the configuration from `/etc/default/dnsmasq`. |
| 5 | |
| 6 | Additional service instances can be enabled via `systemctl enable dnsmasq@<instance name>.service` that use the configuration from `/etc/default/dnsmasq.<instance name>`. |
| 7 | It is recommended to use a separate configuration file and directory for each instance. |
| 8 | Additionally make sure that all instances use either different ports and/or ip addresses to avoid binding collisions. |
| 9 | |
| 10 | Example setup for an instance called "alt" |
| 11 | #1 File `/etc/dnsmasq.alt.conf` copied from `/etc/dnsmasq.conf` |
| 12 | #2 Directory `/etc/dnsmasq.alt.d` |
| 13 | #3 File `/etc/default/dnsmasq.alt` copied from `/etc/default/dnsmasq` with following adaptions: |
| 14 | * The options DNSMASQ_OPTS and CONFIG_DIR point to the correct configuration file and directory. |
| 15 | DNSMASQ_OPTS="... --conf-file=/etc/dnsmasq.alt.conf ..." |
| 16 | CONFIG_DIR=/etc/dnsmasq.alt.d,.dpkg-dist,.dpkg-old,.dpkg-new |
| 17 | * The option DNSMASQ_EXCEPT must contain "lo" to avoid that an instance becomes the machine's DNS resolver. |
| 18 | DNSMASQ_EXCEPT="lo" |
| 19 | * If the additional instance should bind to all IP addresses of a specific interface, e.g. "dnsalt01", then the following addition could be used: |
| 20 | DNSMASQ_OPTS="... --bind-dynamic --interface=dnsalt01 ..." |
| 21 | Additionally the main instance must be stopped from binding to interfaces that are used by other instances: |
| 22 | DNSMASQ_OPTS="... --bind-dynamic --except-interface=dnsalt* ..." |
| 23 | * If the additional instance should not use the machine's DNS resolver, normally that's the dnsmasq main instance, as upstream server, then the following addition could be used: |
| 24 | IGNORE_RESOLVCONF=yes |
| 25 | #4 Enable additional instance via `systemctl enable dnsmasq@alt.service` |
| 26 | #5 Start additional instance without reboot via `systemctl start dnsmasq@alt.service` |
| 27 | |
| 28 | |
| 29 | |
| 30 | TODO |
| 31 | ==== |
| 32 | #1 - Found shortcoming on 2019-03-10 |
| 33 | Only the option DNSMASQ_EXCEPT="lo" avoids that an DNS instance will be set as the machine's DNS resolver. |
| 34 | This may interfere with the wish to run an additional instance on a different port on the localhost addresses. |
| 35 | My suggestion in the initial Debian report [1] was to specify an explicit variable for this. |
| 36 | |
| 37 | [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914305#5 |
| 38 | |
| 39 | |
| 40 | #2 - Preferred configuration way |
| 41 | Should the variables DNSMASQ_INTERFACE and DNSMASQ_EXCEPT be used instead of --interface and --except-interface? (while "lo" still has to be in DNSMASQ_EXCEPT as of now) |