AdguardTeam / AdGuardHome

Network-wide ads & trackers blocking DNS server
https://adguard.com/adguard-home.html
GNU General Public License v3.0
23.56k stars 1.73k forks

dns.bind_hosts: bind to interfaces #5909

Open hellodword opened 1 year ago

hellodword commented 1 year ago

Prerequisites

The problem

Sometimes we do not want to bind adguardhome to 0.0.0.0:53.

For example: adguardhome is running on a DHCP-Client machine, and I do want to serve it on eth1:53, but I do not know the DHCP IP of eth1 before it gets one.

'dns':
    'bind_hosts':
        - '127.0.0.1'
-        - '192.168.1.2'
+    'interfaces':
+        - 'eth1'
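
Review bot: The added 'interfaces' list, a sibling of 'bind_hosts' under 'dns', leaves open which of eth1's addresses the listener binds (IPv4 only, or IPv6 and link-local as well) and what happens while eth1 has no address yet. Suggest documenting that next to the key, together with how it combines with the '127.0.0.1' entry that stays in 'bind_hosts', so the resolver is not exposed on more addresses than intended.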

Proposed solution

Similar to -i, --interface=<interface name> of dnsmasq

-i, --interface= Listen only on the specified interface(s). Dnsmasq automatically adds the loopback (local) interface to the list of interfaces to use when the --interface option is used. If no --interface or --listen-address options are given dnsmasq listens on all available interfaces except any given in --except-interface options. On Linux, when --bind-interfaces or --bind-dynamic are in effect, IP alias interface labels (eg "eth1:0") are checked, rather than interface names. In the degenerate case when an interface has one address, this amounts to the same thing but when an interface has multiple addresses it allows control over which of those addresses are accepted. The same effect is achievable in default mode by using --listen-address. A simple wildcard, consisting of a trailing '*', can be used in --interface and --except-interface options.

Alternatives considered and additional information

Is this an acceptable feature? I'd love to implement this.

ainar-g commented 1 year ago

This is an acceptable feature, but we'd rather wait until a few pieces of our network code are refactored to do something like this.

I'm also not entirely sure how something like this can be done on all operating systems that AGH supports.

hellodword commented 1 year ago

> wait until a few pieces of our network code are refactored

Sure.

> can be done on all operating systems

I think network things are hard to say "support all operating systems", even in the current ADH, we also have some *_others.go files.

Implement new features on the top operating systems, give warnings on other operating systems if users force the use of these new features, and keep former behaviors if users are not using them.

timkgh commented 1 year ago

Out of curiosity, if the IP of the DNS server is dynamic, how do clients find it? Is it doing dynamic DNS and the clients look it up via a different DNS server?

hellodword commented 1 year ago

> Out of curiosity, if the IP of the DNS server is dynamic, how do clients find it? Is it doing dynamic DNS and the clients look it up via a different DNS server?

For example:

I'm using a cute 1-Port machine as a travel router (without wifi), running ADH, wireguard, and other services. I know the interface name, but I do not know the IP. If using dns.bind_hosts, I have to modify the config file in every hotel.
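
The step this request depends on, resolving an interface name to the addresses it currently holds, sketched in Go as an added example (not AdGuard Home code and not posted by anyone in this thread). `bindAddrs` and `listenOn` are hypothetical helper names; `eth1` and port 53 come from the issue.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
)

// bindAddrs turns one interface's addresses into host:port listen addresses (hypothetical helper).
func bindAddrs(ifaceName string, addrs []net.Addr, port uint16) []string {
	var out []string
	for _, a := range addrs {
		ipNet, ok := a.(*net.IPNet) // other address types are skipped
		if !ok {
			continue
		}
		ip, ok := netip.AddrFromSlice(ipNet.IP)
		if !ok {
			continue
		}
		ip = ip.Unmap() // 16-byte IPv4 form -> plain IPv4
		if ip.Is6() && ip.IsLinkLocalUnicast() {
			ip = ip.WithZone(ifaceName) // fe80::/10 cannot be bound without a zone
		}
		out = append(out, netip.AddrPortFrom(ip, port).String())
	}
	return out
}

// listenOn resolves the name at call time, so the result follows the current DHCP lease.
func listenOn(ifaceName string, port uint16) ([]string, error) {
	iface, err := net.InterfaceByName(ifaceName)
	if err != nil {
		return nil, fmt.Errorf("interface %q: %w", ifaceName, err)
	}
	addrs, err := iface.Addrs()
	if err != nil {
		return nil, fmt.Errorf("addresses of %q: %w", ifaceName, err)
	}
	res := bindAddrs(ifaceName, addrs, port)
	if len(res) == 0 {
		return nil, fmt.Errorf("interface %q has no address yet", ifaceName)
	}
	return res, nil
}

func main() {
	fmt.Println(listenOn("eth1", 53)) // "eth1" as in the issue; may not exist locally
}
```

The result is a snapshot taken at startup: if the lease changes afterwards, the listener has to be re-resolved and re-bound, and failing closed on an empty result avoids silently falling back to 0.0.0.0.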