User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
router:dnsmasq [2024/02/08 17:29] – created willyrouter:dnsmasq [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
Line 1: Line 1:
- 
-===== Router configuration ===== 
- 
-The goal is to configure you home server to act as a router/gateway for your internal network. First of all, make sure your home network is **not** connected physically to any ISP gateway/router/modem. For security, you want all your traffic to go trough your home server. 
- 
-The home server will act as DNS server, DHCP server and gateway for your internal network. To achieve this goal i will show you how to use [[https://wiki.gentoo.org/wiki/Dnsmasq/|DNSmasq]] which is a very simple but powerful tool. 
- 
-Enable a couple of useful use-flags: 
-<code bash> 
- > echo net-dns/dnsmasq dhcp-tools dnssec >> /etc/portage/package.use/dnsmasq 
-</code> 
- 
-**dhcp.tools** is needed to ensure dnsmasq will support DHCP, while **dnssec** will be useful to enable dnssec support on the home network. 
- 
-First of all emerge it: 
-<code bash> 
- > emerge dnsmasq 
-</code> 
- 
-All you actually need to do it create a meaningful configuration file, take this one as example: 
-<file - dnsmasq.conf> 
-# Here put your home LAN interface 
-interface=enp0s31f6 
-# do not resolve your internal DNS names outside 
-domain-needed 
-# Never forward addresses in the non-routed address spaces 
-bogus-priv 
-# Use AdGuard DNS service to filter ads 
-no-resolv 
-no-poll 
-server=94.140.14.14 
-server=94.140.15.15 
-# You can add your own ads filters here (for me, AdGuard works good enough) 
-#addn-hosts=/etc/adblock.hosts 
-#  DHCP settings for internal network (from 100 to 250, under 100 are fixed ips) 
-dhcp-range=10.0.0.100,10.0.0.250,12h 
-# Send gateway and DNS values to the DHCP clients 
-dhcp-option=option:router,10.00.0.1 
-dhcp-option=option:dns-server,10.00.0.1 
-# Preassign fixed IPs via DHCP to specific hosts: 
-#dhcp-host=34:f3:9a:73:a6:a4,10.0.0.99 
-</file> 
- 
-Well, this is almost all. Start //dnsmasq// service and make it start on boot: 
-<code bash> 
- > rc-update add dnsmasq default 
- > /etc/init.t/dnsmasq start 
-</code> 
- 
-Now you can connect your devices to the home network and they will get an IP address and a full network configuration to go with it. 
- 
-<WRAP center round todo 60%> 
-Add DNS forced redirection to force all devices to go trough your ad blocker filters 
-</WRAP> 
-