Dnsmasq and dhclient: use a specific DNS for a specific domain

From Deimos.fr / Bloc Notes Informatique

Software version: isc-dhcp-client 4.3.0, dnsmasq 2.71
Operating System: Debian 8
Website: Debian Website
Last Update: 27/07/2014

1 Introduction

My use case is specific but not isolated. When I'm at work, I'm connected to my VPN at home. I have a specific DNS at home for my deimos.lan domain, and this is very useful as it saves me from having to remember all the IPs of the services I have.

Sometimes, I want to connect to a home service from the VPN, but my bookmarks use the local DNS at home, which is of course not known to the DNS at work. One solution is to add specific entries in /etc/hosts, but this quickly becomes very tedious. That's why I looked for a solution that uses my DNS at home only when I try to reach the deimos.lan domain.

2 Installation

First of all, I need a DHCP client (as I have a DHCP server at home and at work) and dnsmasq to run locally on my laptop:

Command aptitude
aptitude install dnsmasq isc-dhcp-client

3 Configuration

3.1 Dnsmasq

We're going to set up dnsmasq like this:

Configuration File /etc/dnsmasq.conf

Here are the explanations:

  • server: you need to specify for the domain (deimos.lan) which DNS server should be targeted (
  • interface: the interface to listen on
  • listen-address: only listen to IP address
  • bind-interfaces: only bind to specified interfaces (here: lo)

And restart dnsmasq to apply this new configuration.

3.2 DHCP client

If we now change the resolv.conf values to point to the DNS, we will be correctly redirected. The problem is that every time the DHCP lease expires and is renewed, the resolv.conf file is changed again. To avoid this, we're going to add this line to the dhclient configuration file:

Configuration File /etc/dhcp/dhclient.conf
prepend domain-name-servers;

This will force the first "nameserver" line in resolv.conf to be To finish, restart the dhclient service to have this new version working.
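The script below is an added example, not part of the original page: it statically checks the three things this setup depends on (the local dnsmasq is first in resolv.conf, the domain has its own upstream, and dnsmasq is bound to loopback only so it does not answer queries from the network). Assumptions: dnsmasq listens on 127.0.0.1, 192.0.2.53 is a placeholder for the home DNS server, 198.51.100.1 stands for the DNS handed out by DHCP, and all function names are hypothetical.

```shell
#!/bin/sh
# Added example. Assumptions: dnsmasq listens on 127.0.0.1; 192.0.2.53 is a
# placeholder for the home DNS server. All sample files below are constructed.

first_nameserver() {   # FILE -> first "nameserver" address in a resolv.conf
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

domain_upstream() {    # FILE DOMAIN -> IP from a server=/DOMAIN/IP line
    awk -F/ -v d="$2" '$1 == "server=" && $2 == d { print $3; exit }' "$1"
}

loopback_only() {      # FILE -> true if dnsmasq is bound to loopback only
    grep -q '^bind-interfaces$' "$1" &&
        grep -Eq '^(interface=lo|listen-address=127\.0\.0\.1)$' "$1"
}

check_split_dns() {    # RESOLV DNSMASQ_CONF DOMAIN -> returns number of problems
    problems=0
    ns=$(first_nameserver "$1")
    if [ "$ns" != "127.0.0.1" ]; then
        echo "first nameserver is '${ns}', so dnsmasq is bypassed"
        problems=$((problems + 1))
    fi
    if [ -z "$(domain_upstream "$2" "$3")" ]; then
        echo "no server=/$3/ line: $3 lookups go to the default DNS"
        problems=$((problems + 1))
    fi
    if ! loopback_only "$2"; then
        echo "dnsmasq is not restricted to loopback"
        problems=$((problems + 1))
    fi
    return "$problems"
}

write_samples() {      # DIR -> constructed config and two resolv.conf states
    printf '%s\n' 'server=/deimos.lan/192.0.2.53' 'interface=lo' \
        'listen-address=127.0.0.1' 'bind-interfaces' > "$1/dnsmasq.conf"
    # With "prepend domain-name-servers 127.0.0.1;" in dhclient.conf (assumed value):
    printf 'nameserver %s\n' 127.0.0.1 198.51.100.1 > "$1/resolv.good"
    # After a lease renewal without the prepend line:
    printf 'nameserver %s\n' 198.51.100.1 > "$1/resolv.renewed"
}

demo=$(mktemp -d)
write_samples "$demo"
check_split_dns "$demo/resolv.good" "$demo/dnsmasq.conf" deimos.lan && echo "good: ok"
check_split_dns "$demo/resolv.renewed" "$demo/dnsmasq.conf" deimos.lan || echo "renewed: $? problem(s)"
rm -r "$demo"
```

On a real machine, point the first two arguments of check_split_dns at /etc/resolv.conf and /etc/dnsmasq.conf after a lease renewal.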

Notes
On RedHat-like OSes, you may need to add the line "PEERDNS=yes" to your network configuration file.