Closed sameersarkar-tcl closed 2 years ago
Hi Sameer.
My apologies if there was some confusion.
I helped you along with the previous issue to get you going quickly, because you had the code most of the way there except for the one missing line, but I should have been more clear that we don't intend to re-add the dnsmasq options to ziti-edge-tunnel.
I was suggesting that we make a plan to go forward with current releases of ziti-edge-tunnel and learn how to configure dnsmasq so that it works with the new capabilities of the DNS resolver in ziti-edge-tunnel.
@dariuszSki I think you mentioned you've gotten ZET to work with dnsmasq on openwrt?
Yes, not fully vetted though, since I have lost connection to my remote test bed. Will provide the details here if Sameer can test it. I also asked another customer to try it out and am waiting for a reply back.
```
uci add_list dhcp.@dnsmasq[0].server="100.64.0.2"
uci set dhcp.@dnsmasq[0].strictorder="true"
uci commit dhcp
/etc/init.d/dnsmasq restart
```

```
uci show |grep dns
...
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].filterwin2k='0'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].nonegcache='0'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].dhcpscript='/usr/sbin/dhcpinfo.sh'
dhcp.@dnsmasq[0].server='100.64.0.2'
dhcp.@dnsmasq[0].strictorder='true'
...
```
Then ran the ziti-edge-tunnel with the -u option:

```
./ziti-edge-tunnel run -i identity.json -u 1.1.1.1
```

In my testing, the client on the LAN would be set to send DNS requests to the GW IP of the LAN, i.e. net 192.168.1.0/24, GW IP 192.168.1.1. Requests would be sent to 192.168.1.1, and then they should be forwarded to 100.64.0.2.
The following shall be done: