Menu
What's new
By:
Filters Better Search

Question regarding Merlin's dnsmasq.conf file

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

johnathonm

johnathonm

Regular Contributor
Hello there,

I was looking over the default configuration of Merlin's dnsmasq.conf file and was hoping that someone could explain several of the entries. I will post the conf:

pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic - Excuse my noob question here but why would you use bind-dynamic over bind-interface? As
interface=br0
interface=pptp* - what is the purpose of this interface? If we delete it from the conf will it be gone completely in terms of dnsmasq seeing it or communicating with it?

no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
dhcp-range=lan,192.168.1.2,192.168.1.50,255.255.255.0,86400s
dhcp-option=lan,3,192.168.1.1
dhcp-option=lan,252,"\n"
dhcp-authoritative

interface=tun21 - what is the purpose of this interface? If we delete it from the conf will it be gone completely in terms of dnsmasq seeing it or communicating with it?

interface=tun22- what is the purpose of this interface? If we delete it from the conf will it be gone completely in terms of dnsmasq seeing it or communicating with it?

quiet-dhcp
quiet-dhcp6

I am just trying to shut down points of entry/exit whenever or wherever possible and I am unclear on what these are and how to do it (since DHCP and DNS services are being provided by DNSMASQ).

Thank you,

Johnathon
 
ColinTaylor said:
The pptp and tun interfaces are the VPN servers (PPTP and OpenVPN).
Click to expand...
If you know you will not need to use PPTP or OpenVPN you can remove them.
I have and all still works perfectly fine.
As long as you are not making wholesale changes to the scripts and you understand what you are doing it should be safe.
Just keep backups of the originals and roll-back if you have an issue you cannot fix. (Or re-install fresh.)
[Typos are the usual cause when making small changes/edits :) ]

As per usual, don't expect other people to fix problems if you completely change the setup to something totally unsupported/unsupportable of your own, which is fair enough. !!!
(The basis I personally work to ....... if I break it by 'changing' everything ..... then I 'fix it', my problem !!! :) ]
 
Twiglets said:
If you know you will not need to use PPTP or OpenVPN you can remove them.
I have and all still works perfectly fine.]
Click to expand...
Unless there's some change/bug in the newer firmwares those interface lines won't be present unless you are running the associated VPN server. In which case they need to be left in.
 
ColinTaylor said:
Unless there's some change/bug in the newer firmwares those interface lines won't be present unless you are running the associated VPN server. In which case they need to be left in.
Click to expand...
They appeared after a recent update / enablement of 'Aiprotection' etc which I disabled in the end.
(I was trying some options/changes out and after a few 'bounces' :) they had appeared !!!)
I know I do not need or use VPN on the router, so removed the lines.

I do not have a repeatable set of steps to follow to reproduce it so put it down to me 'playing' with the configuration !!!

As I said 'know' what you are doing ........ or not as the case may be !!! :)
 
Then I shall break my internet again, because that's how I roll. I will post my modified conf for your feedback, if that's alright.
 
And behold... doomsday.

pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
max-cache-ttl=44300
interface=br0
localise-queries
except-interface=interface=pptp*
no-resolv
servers-file=/jffs/resolv.dnsmasq
no-poll
selfmx
all-servers
dns-loop-detect
stop-dns-rebind
bogus-priv
filterwin2k
dhcp-sequential-ip
no-negcache
local-service
cache-size=10000
min-port=4096
dhcp-range=lan,192.168.1.2,192.168.1.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.1.1
dhcp-option=lan,252,"\n"
dhcp-authoritative
except-interface=interface=tun21
except-interface=interface=tun22
quiet-dhcp
quiet-dhcp6
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
dnssec
dnssec-no-timecheck
 
You must log in or register to reply here.

Similar threads

Divader
DNS not working directly from router but works fine everywhere else on network - nslookup server 0.0.0.0
Replies
18
Views
961
Ripshod
Ripshod
N
RT-AX86U-Pro, WAN disconnect every 36 hours
2
Replies
25
Views
2K
Nick24
N
R
ddns: vlan2 not find External WAN IP, go retry.(10)
Replies
18
Views
2K
lgkahn
L
B
Dnsmasq and nslookup(!) not working.
Replies
14
Views
2K
Boilerplate4U
B
J
Solved OpenVPN clients can't resolve custom domains defined in dnsmasq config
Replies
2
Views
1K
jkbach
J
Similar threads
Thread starter Title Forum Replies Date
W Question: About AX4200 regarding SSH support and Entware Asuswrt-Merlin 23
T Quick question regarding data usage. Asuswrt-Merlin 1
D Solved ethtool question regarding at boot Asuswrt-Merlin 2
P Basic question on usericon files Asuswrt-Merlin 0
E Question about DDNS forced update interval RT-AX86U Asuswrt-Merlin 3
octopus Wireguard question Asuswrt-Merlin 6
O service-event-end question Asuswrt-Merlin 2
W Quick Network/Guest question Asuswrt-Merlin 14
S VPN Director Question Asuswrt-Merlin 4
M GT-AX6000 Bios Question Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 809 (members: 20, guests: 789)
Top